- From: Willy Tarreau <w@1wt.eu>
- Date: Mon, 11 Feb 2019 11:23:45 +0100
- To: Stefan Eissing <stefan.eissing@greenbytes.de>
- Cc: Martin Thomson <mt@lowentropy.net>, ietf-http-wg@w3.org
Hi Stefan, On Mon, Feb 11, 2019 at 11:18:15AM +0100, Stefan Eissing wrote: > However the question remains what Cory should implement here? At the very least he should respect what the protocol says, i.e. +1 when seeing the HEADERS frame, check the limit then -1 when seeing ES on the same frame. The state machine shows multiple steps for a possible single state, indicating checks must be performed following a strict sequence. > If there is a scenario where a near unlimited number of PPs can be triggered, > this becomes a DoS vector either way. Experience says that an early and > deterministic PROTOCOL_ERROR might serve us better than some dynamic > mitigation that does not really solve the problem but makes breakage more > obscure. Agreed. > PS. httpd's mod_proxy_http2 does disable PUSH on backend connections. With > 103 Early Hints, there seems to be no benefit on low latency. Same for haproxy. Eventhough 103 is still young, it does have a certain number of benefits over push and is (in my opinion) much more elegant. Willy
Received on Monday, 11 February 2019 10:24:13 UTC