search

kazu-yamamoto / http2

HTTP/2.0 library including HPACK
BSD 3-Clause "New" or "Revised" License
86 stars 22 forks source link

SETTINGS_HEADER_TABLE_SIZE not respected #27

Closed pcapriotti closed 3 years ago

pcapriotti commented 3 years ago

It seems that http2 servers fail to respect the table size settings sent by the client. This issue manifested for us as a 502 error from an nginx ingress controller in kubernetes, sitting in front of a grpc server written with mu-grpc-server.

To reproduce, I used the example server in the http2 library code:

{-# LANGUAGE OverloadedStrings #-}

module Main where

import qualified Control.Exception as E
import Data.ByteString.Builder (byteString)
import Network.HTTP.Types (ok200)
import Network.HTTP2.Server
import Network.Run.TCP (runTCPServer)

main :: IO ()
main = runTCPServer Nothing "50051" runHTTP2Server
  where
    runHTTP2Server s =
      E.bracket
        (allocSimpleConfig s 4096)
        freeSimpleConfig
        (\config -> run config server)
    server _req _aux sendResponse = sendResponse response []
      where
        response = responseBuilder ok200 header body
        header =
          [("Content-Type", "text/plain")]
        body = byteString "Hello, world!\n"

and fed it this sequence of two requests. The requests contain GRPC invokations, but that is not relevant. There is a SETTINGS_HEADER_TABLE_SIZE frame with value 0 in the beginning, but the response I get for the second request has the following header fragment:

20 88 be

And be decodes to index 62, which is outside the static range (presumably, it is referring to the previously sent content-type header).

This is a wireshark dump of the interaction.