W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: #551: Limiting header sizes

From: Glen Knowles <gknowles@ieee.org>
Date: Wed, 16 Jul 2014 23:02:58 -0700
Message-ID: <CAJCH0yDw8xDS9fo+wDDsY8OsTftsvHtUhaEiDsZpiQ9yOyDpKA@mail.gmail.com>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On Tue, Jul 15, 2014 at 11:35 PM, Poul-Henning Kamp <phk@phk.freebsd.dk>

> I still think the limit should apply to compressed headers, since that
> is what memory allocation is required for.

As a multithreaded sender with a shared compression context it's very hard
to work with a limit of the compressed size before it's too late. The
application layer is constructing the requests/replies and submitting them
to the network layer as they are ready. Even if you communicated the header
limit to the code generating the message it can only guess at whether it's
going over because it may not be the next message to be sent.

Rejecting it at the network layer is better then sending it for the remote
system to reject, but it's much better if acceptable messages can be
deterministicly created in advance.

If we're going to have header limits (and a shared compression context) let
them be on the uncompressed size.
Received on Thursday, 17 July 2014 06:03:24 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 30 March 2016 09:57:09 UTC