[jira] [Commented] (NIFI-12762) ListenHTTP request headers limited to 8192 bytes

Fri, 09 Aug 2024 13:13:40 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-12762?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17872443#comment-17872443
 ] 

Sash Sujith commented on NIFI-12762:
------------------------------------

{code:java}
public void testLargeHTTPRequestHeader() throws Exception {
        StringBuilder largeHeaderValue = new StringBuilder();
        for (int i = 0; i < 8193; i++){
            largeHeaderValue.append("A");
        }        final int port = startWebServer();        OkHttpClient client 
= new OkHttpClient();        final String url = buildUrl(false, port);
        Request request = new Request.Builder()
                .url(url)
                .addHeader("Large-Header", largeHeaderValue.toString())
                .build();        try (Response response = 
client.newCall(request).execute()) {
            int statusCode = response.code();            assertEquals(431, 
statusCode, "Expected 431 status code due to large header.");
        }
    }
{code}

> ListenHTTP request headers limited to 8192 bytes
> ------------------------------------------------
>
>                 Key: NIFI-12762
>                 URL: https://issues.apache.org/jira/browse/NIFI-12762
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.25.0, 2.0.0-M2
>            Reporter: Michael W Moser
>            Assignee: Sash Sujith
>            Priority: Minor
>         Attachments: Screenshot from 2024-07-12 19-52-19-1.png
>
>
> ListenHTTP will parse HTTP request headers if the property "HTTP Headers to 
> receive as Attributes" is set.  An HTTP client can sent request headers that 
> are larger than the default allowed 8192 bytes, and we get the log message
> {noformat}
> 2024-02-08 20:22:16,548 WARN [ListenHTTP 
> (8a290f74-018d-1000-a9d2-c06fdb10e3f3) Web Server-188] 
> org.eclipse.jetty.http.HttpParser Header is too large 8193>8192{noformat}
> and ListenHTTP responds with  HTTP ERROR 431 Request Header Fields Too Large
> The NiFi UI and REST API sets the max header size to 16384 and it is 
> configurable in nifi.properties "nifi.web.max.header.size", in the file 
> FrameworkServerConnectorFactory.java.
> We should probably allow ListenHTTP to use the same max header size setting.
> Should we also look into this for HandleHttpRequest?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to