http2: The http2 server rejects large headers and the cutoff does not appear to be configurable #35218
Description
- Version: 14.10.0, 12.18.3, 10.22.1
- Platform: Linux DESKTOP-OKC3QBQ 4.4.0-18362-Microsoft Crypto tests overhaul #1049-Microsoft Thu Aug 14 12:01:00 PST 2020 x86_64 x86_64 x86_64 GNU/Linux
- Subsystem: http2
What steps will reproduce the bug?
const http2 = require('http2');
const server = http2.createServer({
maxSendHeaderBlockLength: Number.MAX_SAFE_INTEGER
});
server.on('stream', (stream, headers) => {
stream.respond();
stream.end();
});
server.listen(8080, () => {
const clientSession = http2.connect('http://localhost:8080', {
maxSendHeaderBlockLength: Number.MAX_SAFE_INTEGER
});
clientSession.on('error', (error) => {
console.log(error);
});
// 90kB is fairly close to the limit. 80kB is below the limit
const stream = clientSession.request({
'test-header': 'A'.repeat(90_000)
});
stream.on('close', () => {
console.log(`Stream closed with RST_STREAM code ${stream.rstCode}`);
});
stream.on('error', (error) => {
console.log(error);
})
stream.end();
});How often does it reproduce? Is there a required condition?
This reproduction is 100% consistent
What is the expected behavior?
Expected output:
Stream closed with RST_STREAM code 0
What do you see instead?
Actual output:
Error [ERR_HTTP2_SESSION_ERROR]: Session closed with error code 9
at Http2Session.onGoawayData (internal/http2/core.js:642:21) {
code: 'ERR_HTTP2_SESSION_ERROR'
}
Stream closed with RST_STREAM code 9
Error [ERR_HTTP2_SESSION_ERROR]: Session closed with error code 9
at Http2Session.onGoawayData (internal/http2/core.js:642:21) {
code: 'ERR_HTTP2_SESSION_ERROR'
}
Additional information
I tried configuring this limit using the maxHeaderListSize and headerTableSize settings, but they seemed to have no effect.