limiting number of HTTP request headers
Maksim Yevmenkin
maksim.yevmenkin at gmail.com
Tue May 21 17:37:01 UTC 2024
hello!
[...]
> Below is an attempt to address the above comments, please take a
> look.
>
>
> # HG changeset patch
> # User Maxim Dounin <mdounin at mdounin.ru>
> # Date 1716296209 -10800
> # Tue May 21 15:56:49 2024 +0300
> # Node ID 2850868eb5e8c0dff91f86f75cb36886d54af001
> # Parent 429d40e8275d2606da7cb710de5bc40a905fe52f
> Added max_client_headers directive.
>
> The directive limits the number of request headers accepted from clients.
> While the total amount of headers is believed to be sufficiently limited
> by the existing buffer size limits (client_header_buffer_size and
> large_client_header_buffers), the additional limit on the number of headers
> might be beneficial to better protect backend servers.
>
> Requested by Maksim Yevmenkin.
this looks good to me. thank you!
max
More information about the nginx-devel
mailing list