Loading...

Type: Bug
Resolution: Won't Do
Priority: Major
Fix Version/s: None
Affects Version/s: 7.1.0.DR19
Component/s: Undertow
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Steps to Reproduce:
Hide

unzip and start EAP, e.g. standalone.sh

set some smaller max-header-size value, e.g. 20

/subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=max-header-size,value=20)

perform HTTP2 request to server:

curl -k -v --http2 https://localhost:8443 >/dev/null -H "too-long-header: this header is so long that it exceeds maximum allowed header length on server"

see that no HTTP response is returned and connection is just closed:

curl: (16) Error in the HTTP2 framing layer
Show
unzip and start EAP, e.g. standalone.sh set some smaller max-header-size value, e.g. 20 /subsystem=undertow/server= default -server/https-listener=https:write-attribute(name=max-header-size,value=20) perform HTTP2 request to server: curl -k -v --http2 https: //localhost:8443 >/dev/ null -H "too- long -header: this header is so long that it exceeds maximum allowed header length on server" see that no HTTP response is returned and connection is just closed: curl: (16) Error in the HTTP2 framing layer

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When client sends a HTTP/2 request that contains header which exceeds configured 'max-header-size' or 'http2-max-header-list-size' attributes on requested server listener, there is no HTTP response from the server at all, connection is just closed. This might not be such a big problem unless server is behind a proxy. In such case user will get 503 code from the proxy. We should rather return 400 Bad Request instead.

This can be seen in the log when '/subsystem=logging/logger=io.undertow.request:add(level=DEBUG)' is configured and HTTP/2 request with too long header is sent to server:

2017-06-02 07:25:03,284 DEBUG [io.undertow.request.io] (default I/O-4) Marking reads broken on channel Http2Channel peer /127.0.0.1:46774 local /127.0.0.1:8443[ No Receiver [] -- [] -- []]: java.nio.channels.ClosedChannelException
	at io.undertow.server.protocol.framed.AbstractFramedChannel.markReadsBroken(AbstractFramedChannel.java:817)
	at io.undertow.server.protocol.framed.AbstractFramedChannel.receive(AbstractFramedChannel.java:474)
	at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:108)
	at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:59)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:932)
	at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:913)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
	at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1129)
	at io.undertow.protocols.ssl.SslConduit$1.run(SslConduit.java:168)
	at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:588)
	at org.xnio.nio.WorkerThread.run(WorkerThread.java:468)

2017-06-02 07:25:03,284 DEBUG [io.undertow.request] (default I/O-4) Closing HTTP2 channel to /127.0.0.1:46774 due to broken read side: io.undertow.protocols.http2.ConnectionErrorException: io.undertow.protocols.http2.HpackException: UT000161: HTTP/2 header block is too large
	at io.undertow.protocols.http2.Http2HeaderBlockParser.handleData(Http2HeaderBlockParser.java:111)
	at io.undertow.protocols.http2.Http2PushBackParser.parse(Http2PushBackParser.java:62)
	at io.undertow.protocols.http2.Http2FrameHeaderParser.handle(Http2FrameHeaderParser.java:172)
	at io.undertow.protocols.http2.Http2Channel.parseFrame(Http2Channel.java:533)
	at io.undertow.server.protocol.framed.AbstractFramedChannel.receive(AbstractFramedChannel.java:427)
	at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:108)
	at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:59)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:932)
	at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:913)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
	at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1129)
	at io.undertow.protocols.ssl.SslConduit$1.run(SslConduit.java:168)
	at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:588)
	at org.xnio.nio.WorkerThread.run(WorkerThread.java:468)
Caused by: io.undertow.protocols.http2.HpackException: UT000161: HTTP/2 header block is too large
	at io.undertow.protocols.http2.Http2HeaderBlockParser.emitHeader(Http2HeaderBlockParser.java:145)
	at io.undertow.protocols.http2.HpackDecoder.addStaticTableEntry(HpackDecoder.java:317)
	at io.undertow.protocols.http2.HpackDecoder.handleIndex(HpackDecoder.java:290)
	at io.undertow.protocols.http2.HpackDecoder.decode(HpackDecoder.java:113)
	at io.undertow.protocols.http2.Http2HeaderBlockParser.handleData(Http2HeaderBlockParser.java:109)
	... 15 more

2017-06-02 07:25:03,285 DEBUG [io.undertow.request.io] (default I/O-4) UT005013: An IOException occurred: io.undertow.protocols.http2.ConnectionErrorException: io.undertow.protocols.http2.HpackException: UT000161: HTTP/2 header block is too large
	at io.undertow.protocols.http2.Http2HeaderBlockParser.handleData(Http2HeaderBlockParser.java:111)
	at io.undertow.protocols.http2.Http2PushBackParser.parse(Http2PushBackParser.java:62)
	at io.undertow.protocols.http2.Http2FrameHeaderParser.handle(Http2FrameHeaderParser.java:172)
	at io.undertow.protocols.http2.Http2Channel.parseFrame(Http2Channel.java:533)
	at io.undertow.server.protocol.framed.AbstractFramedChannel.receive(AbstractFramedChannel.java:427)
	at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:108)
	at io.undertow.server.protocol.http2.Http2ReceiveListener.handleEvent(Http2ReceiveListener.java:59)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:932)
	at io.undertow.server.protocol.framed.AbstractFramedChannel$FrameReadListener.handleEvent(AbstractFramedChannel.java:913)
	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
	at io.undertow.protocols.ssl.SslConduit$SslReadReadyHandler.readReady(SslConduit.java:1129)
	at io.undertow.protocols.ssl.SslConduit$1.run(SslConduit.java:168)
	at org.xnio.nio.WorkerThread.safeRun(WorkerThread.java:588)
	at org.xnio.nio.WorkerThread.run(WorkerThread.java:468)
Caused by: io.undertow.protocols.http2.HpackException: UT000161: HTTP/2 header block is too large
	at io.undertow.protocols.http2.Http2HeaderBlockParser.emitHeader(Http2HeaderBlockParser.java:145)
	at io.undertow.protocols.http2.HpackDecoder.addStaticTableEntry(HpackDecoder.java:317)
	at io.undertow.protocols.http2.HpackDecoder.handleIndex(HpackDecoder.java:290)
	at io.undertow.protocols.http2.HpackDecoder.decode(HpackDecoder.java:113)
	at io.undertow.protocols.http2.Http2HeaderBlockParser.handleData(Http2HeaderBlockParser.java:109)
	... 15 more

Note: There was a similar issue already ~~JBEAP-8592~~, which fixed HTTP/1.1 but HTTP/2 was not properly fixed and verified.

relates to

JBEAP-8592 Connection is closed without HTTP response when the headers are bigger than defined header-size

Verified

Details

Description

Attachments

Issue Links

Activity

People

Dates

Hide