Mercurial > hg > nginx
comparison src/http/v3/ngx_http_v3_request.c @ 9275:199dc0d6b05b
Added max_headers directive.
The directive limits the number of request headers accepted from clients.
While the total amount of headers is believed to be sufficiently limited
by the existing buffer size limits (client_header_buffer_size and
large_client_header_buffers), the additional limit on the number of headers
might be beneficial to better protect backend servers.
Requested by Maksim Yevmenkin.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Fri, 24 May 2024 00:20:01 +0300 |
| parents | 388a801e9bb9 |
| children | d9fe808c1841 |
comparison
equal
deleted
inserted
replaced
| 9274:46ecad404a29 | 9275:199dc0d6b05b |
|---|---|
| 655 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 655 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
| 656 return NGX_ERROR; | 656 return NGX_ERROR; |
| 657 } | 657 } |
| 658 | 658 |
| 659 } else { | 659 } else { |
| 660 cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); | |
| 661 | |
| 662 if (r->headers_in.count++ >= cscf->max_headers) { | |
| 663 ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, | |
| 664 "client sent too many header lines"); | |
| 665 ngx_http_finalize_request(r, NGX_HTTP_REQUEST_HEADER_TOO_LARGE); | |
| 666 return NGX_ERROR; | |
| 667 } | |
| 668 | |
| 660 h = ngx_list_push(&r->headers_in.headers); | 669 h = ngx_list_push(&r->headers_in.headers); |
| 661 if (h == NULL) { | 670 if (h == NULL) { |
| 662 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | 671 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); |
| 663 return NGX_ERROR; | 672 return NGX_ERROR; |
| 664 } | 673 } |