limiting number of HTTP request headers
Maxim Dounin
mdounin at mdounin.ru
Thu May 16 16:59:32 UTC 2024
Hello!
On Wed, May 15, 2024 at 05:27:51PM -0700, Maksim Yevmenkin wrote:
> Could the community share their thoughts on introducing a directive to
> cap the number of HTTP request headers? While we currently have the
> ability to limit client HTTP request buffer size, having more specific
> control over the number of headers could be advantageous.
I personally tend to think that buffer size limit is enough for
[free]nginx itself. On the other hand, an additional limit on the
number of request headers might be beneficial to protect backend
servers, and might worth adding.
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list