#551: Limiting header sizes

A lot of the discussion around <https://github.com/http2/http2-spec/issues/551> is around having a hard limit for header block sizes in the protocol, and the resulting ways that helps and hurts.

I wonder if we can make a small adjustment to ease some of the pain. Specifically, what if it were only advisory, and there were no default?

I.e., instead of a setting with the semantic of "You MUST NOT send header blocks larger than <x>", what if it were "If you send header blocks larger than <x>, I'll very likely discard them (responses) / respond with a 431 (requests)"?

This makes it much more flexible; if a proxy sends this setting and sees a client ignoring it, they have the choice of either soft-failing them (with a 431), accepting the larger request, or hard-failing them (ENHANCE_YOUR_CALM).

It also seems more compatible with the way that HTTP/1 works.

I think that doing this might address most of the cons listed at <https://github.com/http2/http2-spec/wiki/ContinuationProposals#limit-header-block-size-via-a-setting>.


Mark Nottingham   https://www.mnot.net/

Received on Wednesday, 16 July 2014 03:42:22 UTC