@@ -109,6 +109,8 @@ public abstract class AbstractHttp2ConnectionHandlerBuilder<T extends Http2Conne
109109 private boolean autoAckPingFrame = true ;
110110 private int maxQueuedControlFrames = Http2CodecUtil .DEFAULT_MAX_QUEUED_CONTROL_FRAMES ;
111111 private int maxConsecutiveEmptyFrames = 2 ;
112+ private int maxRstFramesPerWindow = 200 ;
113+ private int secondsPerWindow = 30 ;
112114
113115 /**
114116 * Sets the {@link Http2Settings} to use for the initial connection settings exchange.
@@ -410,7 +412,7 @@ protected Http2PromisedRequestVerifier promisedRequestVerifier() {
410412
411413 /**
412414 * Returns the maximum number of consecutive empty DATA frames (without end_of_stream flag) that are allowed before
413- * the connection is closed. This allows to protected against the remote peer flooding us with such frames and
415+ * the connection is closed. This allows to protect against the remote peer flooding us with such frames and
414416 * so use up a lot of CPU. There is no valid use-case for empty DATA frames without end_of_stream flag.
415417 *
416418 * {@code 0} means no protection is in place.
@@ -421,7 +423,7 @@ protected int decoderEnforceMaxConsecutiveEmptyDataFrames() {
421423
422424 /**
423425 * Sets the maximum number of consecutive empty DATA frames (without end_of_stream flag) that are allowed before
424- * the connection is closed. This allows to protected against the remote peer flooding us with such frames and
426+ * the connection is closed. This allows to protect against the remote peer flooding us with such frames and
425427 * so use up a lot of CPU. There is no valid use-case for empty DATA frames without end_of_stream flag.
426428 *
427429 * {@code 0} means no protection should be applied.
@@ -433,6 +435,21 @@ protected B decoderEnforceMaxConsecutiveEmptyDataFrames(int maxConsecutiveEmptyF
433435 return self ();
434436 }
435437
438+ /**
439+ * Sets the maximum number RST frames that are allowed per window before
440+ * the connection is closed. This allows to protect against the remote peer flooding us with such frames and
441+ * so use up a lot of CPU.
442+ *
443+ * {@code 0} for any of the parameters means no protection should be applied.
444+ */
445+ protected B decoderEnforceMaxRstFramesPerWindow (int maxRstFramesPerWindow , int secondsPerWindow ) {
446+ enforceNonCodecConstraints ("decoderEnforceMaxRstFramesPerWindow" );
447+ this .maxRstFramesPerWindow = checkPositiveOrZero (
448+ maxRstFramesPerWindow , "maxRstFramesPerWindow" );
449+ this .secondsPerWindow = checkPositiveOrZero (secondsPerWindow , "secondsPerWindow" );
450+ return self ();
451+ }
452+
436453 /**
437454 * Determine if settings frame should automatically be acknowledged and applied.
438455 * @return this.
@@ -575,6 +592,9 @@ private T buildFromCodec(Http2ConnectionDecoder decoder, Http2ConnectionEncoder
575592 if (maxConsecutiveEmptyDataFrames > 0 ) {
576593 decoder = new Http2EmptyDataFrameConnectionDecoder (decoder , maxConsecutiveEmptyDataFrames );
577594 }
595+ if (maxRstFramesPerWindow > 0 && secondsPerWindow > 0 ) {
596+ decoder = new Http2MaxRstFrameDecoder (decoder , maxRstFramesPerWindow , secondsPerWindow );
597+ }
578598 final T handler ;
579599 try {
580600 // Call the abstract build method
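Review bot: The Javadoc on the new `decoderEnforceMaxRstFramesPerWindow(int, int)` setter omits what an operator needs to tune the limit: the defaults from the field initialisers (`200` frames per `30` seconds), that the window is in seconds, and `@param`/`@return` tags. It also reads "maximum number RST frames", which is missing "of". Because the check is on by default, peers that send bursts of legitimate stream resets may now have their connection closed, so I would add a line such as `Defaults to 200 RST frames per 30 seconds; {@code 0} for either parameter disables the check.` The sibling option has a getter, `decoderEnforceMaxConsecutiveEmptyDataFrames()`, whereas `buildFromCodec` reads the two new fields directly; a matching protected accessor would keep the options parallel and let subclasses inspect the configured limit. `buildFromCodec` begins and ends outside the hunk, so it cannot be confirmed from here whether the wrapper is intended for client-side handlers as well as servers.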