HTTP/2 max header size
Valentin V. Bartenev
vbart at nginx.com
Tue Jan 26 11:47:35 UTC 2016
On Tuesday 26 January 2016 15:14:04 Shengtuo Hu wrote:
> I was using "nghttp" command line tool to test NGINX. I enabled
> "continuation" option in "nghttp" command line tool, which filled the
> HEADERS frame with a very large header field/value. Then I got an GOAWAY
> frame with error code of "ENHANCE_YOUR_CALM(0x0b)". Then I checked the
> debug log file of the server, and found "client exceeded
> http2_max_header_size limit while processing HTTP/2 connection".
> May I know the consideration about this limitation? For a client, it may
> not be able to know the precise value of "http2_max_header_size".
Decompression and processing of headers require proportional amount of memory.
The consideration is simple: to limit the amount of memory that can be eaten by
a client and prevent DoS attack on the server.
> Once a client gets this error, how can it recover from it or request
> the resource successfully?
If a client gets this error then either it is doing something wrong by sending
incorrect requests, or the server is configured incorrectly.
wbr, Valentin V. Bartenev
More information about the nginx