Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix extended connect check condition #2119

Merged
merged 1 commit into from
May 2, 2023
Merged

Fix extended connect check condition #2119

merged 1 commit into from
May 2, 2023

Conversation

benjaminpetit
Copy link
Member

Fixes #2070

@MihaZupan MihaZupan added this to the YARP 2.x milestone May 2, 2023
@benjaminpetit benjaminpetit merged commit 6736e0a into microsoft:main May 2, 2023
6 checks passed
@benjaminpetit benjaminpetit deleted the fix/extended-connect-main branch May 2, 2023 17:13
@benjaminpetit benjaminpetit mentioned this pull request May 3, 2023
Closed
Tratcher added a commit that referenced this pull request Jun 22, 2023
@Tratcher
Merged PR 31986: [2.0] Forwarder blame improvements
9bf4d83 
Passive health checks rely on the HttpForwarder to categorize failures so the check can understand if it was caused by the client, destination, or some other reason. Incorrect attribution can allow the client to induce an error and cause the destination to be marked unhealthy.

Scenarios:
1. Blame the request body (client/destination) for timeouts. Today if the ActivityTimeout triggers while uploading the request body that will be reported as RequestTimeout and blamed on the destination. However, if the proxy was waiting for the client to send more data, that should be blamed on the client instead (RequestBodyClient).
2. A malicious client may pretend to be a gRPC request by setting the expected Content-Type, but then getting proxied to a HTTP/1.1 destination. This causes the proxy request data rate and size limit to be disabled, but then you can induce an error against the destination's size limit that would be blamed on the destination. Fix: Delay disabling the limits until we're sure we were assigned to an HTTP/2 connection.
3. I've included #2119. This works around a Kestrel bug which caused a body length exception that we blamed on the destination. This fix is already in main.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Tratcher Tratcher Tratcher approved these changes

@MihaZupan MihaZupan MihaZupan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
YARP 2.1
Development

Successfully merging this pull request may close these issues.

Random 502 errors when client cancels request
3 participants
@benjaminpetit @Tratcher @MihaZupan