- From: James M Snell <jasnell@gmail.com>
- Date: Thu, 9 May 2013 10:26:16 -0700
- To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>

In going through a number of issues relating to frame sizes, I note that the spec currently does not deal with the issue of "overlong" or padded frames. That is, what happens if a frame contains more data than what is explicitly called for in its definition.

For instance, the GOAWAY frame currently defines its payload as a 32-bit error code. What happens if that frame contains more than 32 bits? E.g.:

    00 40 07 00 00 00 00 00 0A BC DE FF FF FF FF FF

An implementation that is not being careful could completely miss the extra junk bytes here. For GOAWAY it's obviously not too much of a concern, but the risk for abuse exists for all frames that define a specific structure for the payload data.

Recommendation: Adding a short statement that a PROTOCOL_ERROR MUST be returned if a frame contains more bytes than what is expressly specified in the frame definition.

- James

Received on Thursday, 9 May 2013 17:27:06 UTC
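
The check recommended in the message above, sketched as an added example that is not part of the original message or of any HTTP/2 implementation. It assumes an 8-byte frame header (16-bit length, 8-bit type, 8-bit flags, 32-bit stream identifier field) and type code 0x07 for GOAWAY, and it goes one step beyond the message by rejecting any length mismatch, short as well as overlong.

```python
import struct

# Assumed frame header layout (not stated in the message): 16-bit length,
# 8-bit type, 8-bit flags, 32-bit stream identifier field, big-endian.
HEADER = struct.Struct(">HBBI")
GOAWAY = 0x07  # assumed type code

# Frame types whose payload has a fixed structure, with the exact size in bytes.
# GOAWAY carries a 32-bit error code, as the message describes it.
FIXED_PAYLOAD_SIZE = {GOAWAY: 4}


class ProtocolError(Exception):
    """Stands in for answering the peer with PROTOCOL_ERROR."""


def parse_frame(buf):
    """Parse one complete frame from buf; return (type, flags, stream, payload)."""
    if len(buf) < HEADER.size:
        raise ProtocolError("truncated frame header")
    length, ftype, flags, stream = HEADER.unpack_from(buf)
    expected = FIXED_PAYLOAD_SIZE.get(ftype)
    # Check the declared length before touching the payload.
    if expected is not None and length != expected:
        raise ProtocolError(f"type {ftype:#04x}: length {length}, expected {expected}")
    if len(buf) - HEADER.size != length:
        raise ProtocolError("buffer does not match declared length")
    return ftype, flags, stream, buf[HEADER.size:]


def lenient_error_code(buf):
    """The careless reader: takes the first 4 payload bytes and ignores the rest."""
    return struct.unpack_from(">I", buf, HEADER.size)[0]


def check(buf):
    """Return "ok" for an acceptable frame, "PROTOCOL_ERROR" otherwise."""
    try:
        parse_frame(buf)
        return "ok"
    except ProtocolError:
        return "PROTOCOL_ERROR"


# Constructed sample frames (not captured traffic).
WELL_FORMED = HEADER.pack(4, GOAWAY, 0, 0) + struct.pack(">I", 0)
OVERLONG = HEADER.pack(8, GOAWAY, 0, 0) + struct.pack(">I", 0) + b"\xff" * 4
SHORT = HEADER.pack(2, GOAWAY, 0, 0) + b"\x00\x00"
```

The lenient reader returns error code 0 for the overlong frame without noticing the trailing bytes, which is the silent acceptance the message warns about.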