Support max http request header size and max http header size configuration separation #501
Conversation
…ration separation Signed-off-by: crazyhzm <crazyhzm@apache.org>
|
Please review the code first, if there is no problem, I will support this on other branches as well. |
| /** | ||
| * Maximum size of the HTTP request message header. | ||
| */ | ||
| private int maxHttpRequestHeaderSize = -1; |
There was a problem hiding this comment.
After the change, maxHttpHeaderSize becomes default maximum size of the HTTP message header for both request and response.
If we no longer have consumer of getMaxHttpHeaderSize(), then I'd suggest to remove maxHttpHeaderSize, and change setMaxHttpHeaderSize() like this
@Deprecated
public void setMaxHttpHeaderSize(int valueI) {
maxHttpRequestHeaderSize = valueI;
maxHttpResponseHeaderSize = valueI;
}There was a problem hiding this comment.
I'm worried about the compatibility risk of removing getMaxHttpHeaderSize(), because this is a public API after all, I wonder if this change can be done in 10.1.x. of which I agree with the annotation Deprecated.
There was a problem hiding this comment.
Keep getMaxHttpHeaderSize() only preserves API level compatibility, the semantic of getMaxHttpHeaderSize() has change once we introduce dedicated header settings for request and response.
To illustrate the semantic change:
setMaxHttpHeaderSize(4096);
setMaxHttpRequestHeaderSize(8192);
setMaxHttpResponseHeaderSize(16384);Then getMaxHttpHeaderSize() make no sense except the only meaning "default maxHttpHeaderSize"
Maybe it is more reasonable to deprecate getMaxHttpHeaderSize() and return a size that is not too bad:
@Deprecated
public int getMaxHttpHeaderSize() {
return Math.min(maxHttpRequestHeaderSize, maxHttpResponseHeaderSize)
}I still insist that semantic level compatibility is more important than API level compatibility. For setMaxHttpHeaderSize() it originally means set maximum size of the HTTP message header for both request and response.
There was a problem hiding this comment.
Setter should stay IMHO and set both values to the exact same one if not already set.
Getter should get the max value since the consumer wants the max size and it is exactly the semantic of this method (= what is the max for request and response, only change is that before it was a single value, now it is really a max but a min is wrong IMHO).
So IMHO it makes perfect sense as method for frameworks and integrators to still have this, in particular when it is linked to pooling where max is more intended than min or any value under the max.
I still insist that semantic level compatibility is more important than API level compatibility
Well there are two points:
- API compat: IMHO it is not an option to break before next 10.2 or something like that
- semantic level is preserved and it makes sense to have this shortcut IMHO so we can solve both at once
|
That seems pretty straightforward. I'm slightly skeptical about the real practical use since trying to optimize the sizes too much is risky, but no problem, this is the user's responsibility. |
@rmaucher |
|
+1 I see two advantages:
Open question: shouldn't |
|
Overall, I prefer the PR as it is right now, it's simpler. If the new setters are used, then the behavior could be slightly different, but since this is new API this should be fine. |
It is not complicated. I forked and edit online to demonstrate the part of change: gmshake@75289cf?diff=split |
|
The proposed patch is still simpler and should work well, so I will merge that one. |
|
@rmaucher |
|
Merged with changed. I didn't understand the changes to TestHttp2Limits, HTTP/2 should use the new request header size and that should be it. Also updated docs and changelog. |
|
@rmaucher |
Mail link:https://bz.apache.org/bugzilla/show_bug.cgi?id=65866