Join GitHub today
Remove HpackDecoder.maxHeaderListSizeGoAway #7911
When a sender sends too large of headers it should not unnecessarily
The maxHeaderListSizeGoAway limit in HpackDecoder is unnecessary because
(Technically, literals are limited to 1.6x maxHeaderListSizeGoAway,
Remove maxHeaderListSizeGoAway checking in HpackDecoder and instead
Fewer large header cases will trigger connection-killing.
The Sink interface is a step toward splitting headerList processing out of the core Hpack decoding (verification is the only thing left). I can swap to referring to Http2HeadersSink directly, but it seemed more readable to use the interface as a "we're not assuming anything about the implementation."
I haven't looked at the PR like, but my vague memory of maxHeaderListSizeGoAway was that it was intended to help us defend against bad actors who might try to make the remote peer allocate too much memory in headers? Is that something we don't need to worry about?