Skip to content

Commit

Permalink
http: disable headersTimeout check when set to zero
Browse files Browse the repository at this point in the history
PR-URL: #33307
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
  • Loading branch information
ShogunPanda authored and targos committed May 25, 2020
1 parent 5c0232a commit ebd9090
Show file tree
Hide file tree
Showing 3 changed files with 57 additions and 2 deletions.
2 changes: 2 additions & 0 deletions doc/api/http.md
Original file line number Diff line number Diff line change
Expand Up @@ -1122,6 +1122,8 @@ event is emitted on the server object, and (by default) the socket is destroyed.
See [`server.timeout`][] for more information on how timeout behavior can be
customized.

A value of `0` will disable the HTTP headers timeout check.

### `server.listen()`

Starts the HTTP server listening for connections.
Expand Down
8 changes: 6 additions & 2 deletions lib/_http_server.js
Original file line number Diff line number Diff line change
Expand Up @@ -571,8 +571,12 @@ function onParserExecute(server, socket, parser, state, ret) {

// If we have not parsed the headers, destroy the socket
// after server.headersTimeout to protect from DoS attacks.
// start === 0 means that we have parsed headers.
if (start !== 0 && nowDate() - start > server.headersTimeout) {
// start === 0 means that we have parsed headers, while
// server.headersTimeout === 0 means user disabled this check.
if (
start !== 0 && server.headersTimeout &&
nowDate() - start > server.headersTimeout
) {
const serverTimeout = server.emit('timeout', socket);

if (!serverTimeout)
Expand Down
49 changes: 49 additions & 0 deletions test/parallel/test-http-server-disabled-headers-timeout.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
'use strict';

const common = require('../common');
const assert = require('assert');
const { createServer } = require('http');
const { connect } = require('net');

// This test verifies that it is possible to disable
// headersTimeout by setting it to zero.

const server = createServer(common.mustCall((req, res) => {
res.writeHead(200);
res.end('OK');
}));

server.headersTimeout = 0;

server.once('timeout', common.mustNotCall((socket) => {
socket.destroy();
}));

server.listen(0, common.mustCall(() => {
const client = connect(server.address().port);
let response = '';

client.resume();
client.write('GET / HTTP/1.1\r\nConnection: close\r\n');

// All the timeouts below must be greater than a second, otherwise
// headersTimeout won't be triggered anyway as the current date is cached
// for a second in HTTP internals.
setTimeout(() => {
client.write('X-Crash: Ab: 456\r\n');
}, common.platformTimeout(1100)).unref();

setTimeout(() => {
client.write('\r\n');
}, common.platformTimeout(1200)).unref();

client.on('data', (chunk) => {
response += chunk.toString('utf-8');
});

client.on('end', common.mustCall(() => {
assert.strictEqual(response.split('\r\n').shift(), 'HTTP/1.1 200 OK');
client.end();
server.close();
}));
}));

0 comments on commit ebd9090

Please sign in to comment.