Default HTTP/2 max_header_list_size to 16kb#3622
Merged
seanmonstar merged 2 commits intomasterfrom Apr 5, 2024
Merged
Conversation
The HTTP/2 does not define a default. If not defined, hyper still set a high limit of 16mb. However, that seems very high, and most people likely do not think to set it the property. Since hyper tries to protect users, it will now use a default of 16kb. The defaults in hyper are not part of the public API stability promise. Users are encouraged to set options themselves.
seanmonstar
force-pushed
the
http2-default-max-header-list-size
branch
from
0ded024 to
cca5172
Compare
Noah-Kennedy
approved these changes
Apr 5, 2024
ajwerner
added a commit
to ajwerner/tonic
that referenced
this pull request
Aug 2, 2024
There is a bug such that if the client sends a response with a header value that exceeds the max_header_list_size, then RPCs just hang (hyperium#1834). When tonic upgraded to hyper 1, it picked up [hyper#3622] which changed the default from 16MiB to 16KiB for this configuration value. Error messages in gRPC use headers. That means that services which ever sent error messages in excess of 16KiB (including in their error details!) will just hang. This commit adds the ability for the client to configure this value to something larger (perhaps the old default of 16MiB) to mitigate the above-referenced bug. [hyper#3622]: hyperium/hyper#3622
github-merge-queue bot
pushed a commit
to hyperium/tonic
that referenced
this pull request
Aug 3, 2024
There is a bug such that if the client sends a response with a header value that exceeds the max_header_list_size, then RPCs just hang (#1834). When tonic upgraded to hyper 1, it picked up [hyper#3622] which changed the default from 16MiB to 16KiB for this configuration value. Error messages in gRPC use headers. That means that services which ever sent error messages in excess of 16KiB (including in their error details!) will just hang. This commit adds the ability for the client to configure this value to something larger (perhaps the old default of 16MiB) to mitigate the above-referenced bug. [hyper#3622]: hyperium/hyper#3622
Contributor
|
FYI when logged into Google, console.cloud.google.com sends headers bigger than this default size, thus that seems too low to me. |
Member
Author
|
Do you have a suggested default instead? Part of the choice here was noting that most other libraries either picked 8kb or 16kb, and rely on users to opt-in to more. I suppose one possibility we could consider is different defaults for server vs client. |
Contributor
|
The previous value was just fine in 2024 IMO. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The RFC doesn't specify a default.
h2has an "emergency" default that's quite high. It makes sense for hyper to pick a safer default to protect users who don't think about it. When checking other libraries, many set a default of either 8kb or 16kb.