This is an automated email from the ASF dual-hosted git repository.
exceptionfactory pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new 4ecd743693 NIFI-12762 Added Request Header Size to ListenHTTP and
HandleHttpRequest
4ecd743693 is described below
commit 4ecd743693afe56197c48b0772aaedb91b515f4c
Author: Mike Moser <[email protected]>
AuthorDate: Mon Sep 23 19:53:28 2024 +0000
NIFI-12762 Added Request Header Size to ListenHTTP and HandleHttpRequest
This closes #9304
Signed-off-by: David Handermann <[email protected]>
---
.../connector/StandardServerConnectorFactory.java | 12 ++++++++++++
.../StandardServerConnectorFactoryTest.java | 15 ++++++++++++++-
.../nifi/processors/standard/HandleHttpRequest.java | 11 +++++++++++
.../apache/nifi/processors/standard/ListenHTTP.java | 20 +++++++++++++++++---
.../nifi/processors/standard/TestListenHTTP.java | 20 ++++++++++++++++++++
5 files changed, 74 insertions(+), 4 deletions(-)
diff --git
a/nifi-commons/nifi-jetty-configuration/src/main/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactory.java
b/nifi-commons/nifi-jetty-configuration/src/main/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactory.java
index 1f36ca1116..26d09706a1 100644
---
a/nifi-commons/nifi-jetty-configuration/src/main/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactory.java
+++
b/nifi-commons/nifi-jetty-configuration/src/main/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactory.java
@@ -68,6 +68,8 @@ public class StandardServerConnectorFactory implements
ServerConnectorFactory {
private String[] includeSecurityProtocols = INCLUDE_ALL_SECURITY_PROTOCOLS;
+ private int requestHeaderSize = 8192;
+
/**
* Standard Server Connector Factory Constructor with required properties
*
@@ -170,12 +172,22 @@ public class StandardServerConnectorFactory implements
ServerConnectorFactory {
this.applicationLayerProtocols = applicationLayerProtocols;
}
+ /**
+ * Set the maximum HTTP request header size. The default is 8 KB.
+ *
+ * @param requestHeaderSize maximum HTTP request header size
+ */
+ public void setRequestHeaderSize(int requestHeaderSize) {
+ this.requestHeaderSize = requestHeaderSize;
+ }
+
protected Server getServer() {
return server;
}
protected HttpConfiguration getHttpConfiguration() {
final HttpConfiguration httpConfiguration = new HttpConfiguration();
+ httpConfiguration.setRequestHeaderSize(requestHeaderSize);
if (sslContext != null) {
httpConfiguration.setSecurePort(port);
diff --git
a/nifi-commons/nifi-jetty-configuration/src/test/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactoryTest.java
b/nifi-commons/nifi-jetty-configuration/src/test/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactoryTest.java
index f51e6cc1c0..e6d5c6aaa3 100644
---
a/nifi-commons/nifi-jetty-configuration/src/test/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactoryTest.java
+++
b/nifi-commons/nifi-jetty-configuration/src/test/java/org/apache/nifi/jetty/configuration/connector/StandardServerConnectorFactoryTest.java
@@ -56,7 +56,20 @@ class StandardServerConnectorFactoryTest {
final ServerConnector serverConnector = factory.getServerConnector();
- assertHttpConnectionFactoryFound(serverConnector);
+ final HttpConnectionFactory httpConnectionFactory =
assertHttpConnectionFactoryFound(serverConnector);
+ assertEquals(8192,
httpConnectionFactory.getHttpConfiguration().getRequestHeaderSize());
+ }
+
+ @Test
+ void testGetServerConnectorWithRequestHeaderSize() {
+ final Server server = new Server();
+ final StandardServerConnectorFactory factory = new
StandardServerConnectorFactory(server, HTTP_PORT);
+ factory.setRequestHeaderSize(16000);
+
+ final ServerConnector serverConnector = factory.getServerConnector();
+
+ final HttpConnectionFactory httpConnectionFactory =
assertHttpConnectionFactoryFound(serverConnector);
+ assertEquals(16000,
httpConnectionFactory.getHttpConfiguration().getRequestHeaderSize());
}
@Test
diff --git
a/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/HandleHttpRequest.java
b/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/HandleHttpRequest.java
index 8ed96ca9fb..dc56e35934 100644
---
a/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/HandleHttpRequest.java
+++
b/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/HandleHttpRequest.java
@@ -265,6 +265,13 @@ public class HandleHttpRequest extends AbstractProcessor {
.defaultValue("200")
.addValidator(StandardValidators.createLongValidator(8, 1000,
true))
.build();
+ public static final PropertyDescriptor REQUEST_HEADER_MAX_SIZE = new
PropertyDescriptor.Builder()
+ .name("Request Header Maximum Size")
+ .description("The maximum supported size of HTTP headers in
requests sent to this processor")
+ .required(true)
+ .addValidator(StandardValidators.DATA_SIZE_VALIDATOR)
+ .defaultValue("8 KB")
+ .build();
public static final PropertyDescriptor ADDITIONAL_METHODS = new
PropertyDescriptor.Builder()
.name("Additional HTTP Methods")
.description("A comma-separated list of non-standard HTTP Methods
that should be allowed")
@@ -327,6 +334,7 @@ public class HandleHttpRequest extends AbstractProcessor {
ALLOW_HEAD,
ALLOW_OPTIONS,
MAXIMUM_THREADS,
+ REQUEST_HEADER_MAX_SIZE,
ADDITIONAL_METHODS,
CLIENT_AUTH,
CONTAINER_QUEUE_SIZE,
@@ -380,7 +388,10 @@ public class HandleHttpRequest extends AbstractProcessor {
final String clientAuthValue =
context.getProperty(CLIENT_AUTH).getValue();
final Server server = createServer(context);
+ final int requestHeaderSize =
context.getProperty(REQUEST_HEADER_MAX_SIZE).asDataSize(DataUnit.B).intValue();
final StandardServerConnectorFactory serverConnectorFactory = new
StandardServerConnectorFactory(server, port);
+ serverConnectorFactory.setRequestHeaderSize(requestHeaderSize);
+
final boolean needClientAuth =
CLIENT_NEED.getValue().equals(clientAuthValue);
serverConnectorFactory.setNeedClientAuth(needClientAuth);
final boolean wantClientAuth =
CLIENT_WANT.getValue().equals(clientAuthValue);
diff --git
a/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/ListenHTTP.java
b/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/ListenHTTP.java
index d8ae0d6c96..b8b39d76ca 100644
---
a/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/ListenHTTP.java
+++
b/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/ListenHTTP.java
@@ -200,6 +200,13 @@ public class ListenHTTP extends
AbstractSessionFactoryProcessor {
.addValidator(StandardValidators.REGULAR_EXPRESSION_VALIDATOR)
.required(false)
.build();
+ public static final PropertyDescriptor REQUEST_HEADER_MAX_SIZE = new
PropertyDescriptor.Builder()
+ .name("Request Header Maximum Size")
+ .description("The maximum supported size of HTTP headers in requests
sent to this processor")
+ .required(true)
+ .addValidator(StandardValidators.DATA_SIZE_VALIDATOR)
+ .defaultValue("8 KB")
+ .build();
public static final PropertyDescriptor RETURN_CODE = new
PropertyDescriptor.Builder()
.name("Return Code")
.description("The HTTP return code returned after every HTTP call")
@@ -281,6 +288,7 @@ public class ListenHTTP extends
AbstractSessionFactoryProcessor {
AUTHORIZED_ISSUER_DN_PATTERN,
MAX_UNCONFIRMED_TIME,
HEADERS_AS_ATTRIBUTES_REGEX,
+ REQUEST_HEADER_MAX_SIZE,
RETURN_CODE,
MULTIPART_REQUEST_MAX_SIZE,
MULTIPART_READ_BUFFER_SIZE,
@@ -394,9 +402,10 @@ public class ListenHTTP extends
AbstractSessionFactoryProcessor {
final Double maxBytesPerSecond =
context.getProperty(MAX_DATA_RATE).asDataSize(DataUnit.B);
final StreamThrottler streamThrottler = (maxBytesPerSecond == null) ?
null : new LeakyBucketStreamThrottler(maxBytesPerSecond.intValue());
final int returnCode = context.getProperty(RETURN_CODE).asInteger();
- long requestMaxSize =
context.getProperty(MULTIPART_REQUEST_MAX_SIZE).asDataSize(DataUnit.B).longValue();
- int readBufferSize =
context.getProperty(MULTIPART_READ_BUFFER_SIZE).asDataSize(DataUnit.B).intValue();
- int maxThreadPoolSize =
context.getProperty(MAX_THREAD_POOL_SIZE).asInteger();
+ final long requestMaxSize =
context.getProperty(MULTIPART_REQUEST_MAX_SIZE).asDataSize(DataUnit.B).longValue();
+ final int readBufferSize =
context.getProperty(MULTIPART_READ_BUFFER_SIZE).asDataSize(DataUnit.B).intValue();
+ final int maxThreadPoolSize =
context.getProperty(MAX_THREAD_POOL_SIZE).asInteger();
+ final int requestHeaderSize =
context.getProperty(REQUEST_HEADER_MAX_SIZE).asDataSize(DataUnit.B).intValue();
throttlerRef.set(streamThrottler);
final PropertyValue clientAuthenticationProperty =
context.getProperty(CLIENT_AUTHENTICATION);
@@ -414,6 +423,7 @@ public class ListenHTTP extends
AbstractSessionFactoryProcessor {
final HttpProtocolStrategy httpProtocolStrategy =
context.getProperty(HTTP_PROTOCOL_STRATEGY).asAllowableValue(HttpProtocolStrategy.class);
final ServerConnector connector = createServerConnector(server,
port,
+ requestHeaderSize,
sslContextService,
clientAuthentication,
httpProtocolStrategy
@@ -425,6 +435,7 @@ public class ListenHTTP extends
AbstractSessionFactoryProcessor {
if (healthCheckPort != null) {
final ServerConnector healthCheckConnector =
createServerConnector(server,
healthCheckPort,
+ requestHeaderSize,
sslContextService,
ClientAuthentication.NONE,
httpProtocolStrategy
@@ -503,11 +514,14 @@ public class ListenHTTP extends
AbstractSessionFactoryProcessor {
private ServerConnector createServerConnector(final Server server,
final int port,
+ final int
requestMaxHeaderSize,
final SSLContextService
sslContextService,
final ClientAuthentication
clientAuthentication,
final HttpProtocolStrategy
httpProtocolStrategy
) {
final StandardServerConnectorFactory serverConnectorFactory = new
StandardServerConnectorFactory(server, port);
+ serverConnectorFactory.setRequestHeaderSize(requestMaxHeaderSize);
+
final SSLContext sslContext = sslContextService == null ? null :
sslContextService.createContext();
serverConnectorFactory.setSslContext(sslContext);
diff --git
a/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
b/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
index 7d1666b299..d0143099bf 100644
---
a/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
+++
b/nifi-extension-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
@@ -783,6 +783,26 @@ public class TestListenHTTP {
assertEquals(0, multiPartTempFiles, multiPartMessage);
}
+ @Test
+ public void testLargeHTTPRequestHeader() throws Exception {
+ runner.setProperty(ListenHTTP.REQUEST_HEADER_MAX_SIZE, "16 KB");
+
+ String largeHeaderValue = "A".repeat(9 * 1024);
+
+ final int port = startWebServer();
+ OkHttpClient client = getOkHttpClient(false, false);
+ final String url = buildUrl(false, port);
+ Request request = new Request.Builder()
+ .url(url)
+ .addHeader("Large-Header", largeHeaderValue)
+ .method("HEAD", null)
+ .build();
+ try (Response response = client.newCall(request).execute()) {
+ int responseCode = response.code();
+ assertEquals(200, responseCode, "Expected 200 response code with
large header.");
+ }
+ }
+
private byte[] generateRandomBinaryData() {
byte[] bytes = new byte[100];
new Random().nextBytes(bytes);
