From 882adbdc203e0e3719d779c5bd6d151c42f312ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ondr=CC=8Cej=20Sury=CC=81?= Date: Thu, 10 Nov 2022 16:34:26 +0100 Subject: [PATCH 1/3] Bump the allowed HTTP headers in statschannel to 100 Firefox 90+ apparently sends more than 10 headers, so we need to bump the number to some higher number. Bump it to 100 just to be on a save side, this is for internal use only anyway. (cherry picked from commit e4654d1a6a657faf13bfee2bc53aace2f718b3d8) --- lib/isc/httpd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/isc/httpd.c b/lib/isc/httpd.c index 7760d4e867..612b51137d 100644 --- a/lib/isc/httpd.c +++ b/lib/isc/httpd.c @@ -51,7 +51,7 @@ */ #define HTTP_RECVLEN ISC_NETMGR_TCP_RECVBUF_SIZE * 2 #define HTTP_SENDLEN ISC_NETMGR_TCP_RECVBUF_SIZE -#define HTTP_HEADERS_NUM 10 +#define HTTP_HEADERS_NUM 100 #define HTTP_MAX_REQUEST_LEN 4096 #define HTTPD_CLOSE 0x0001 /* Got a Connection: close header */ From 9e5299db303c1cce79e82e1230b42d603c6f42d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= Date: Fri, 11 Nov 2022 09:19:41 +0100 Subject: [PATCH 2/3] Update the HTTP headers test to check for 101 headers When we bumped the number of allowed HTTP headers to 100, we forgot to bump the number in the system test. Bump the number in the system test too. --- bin/tests/system/statschannel/tests.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/tests/system/statschannel/tests.sh b/bin/tests/system/statschannel/tests.sh index 4a95dfb99a..7d102af3c6 100644 --- a/bin/tests/system/statschannel/tests.sh +++ b/bin/tests/system/statschannel/tests.sh @@ -432,13 +432,13 @@ if [ -x "${CURL}" ] && ! ("${CURL}" --next 2>&1 | grep 'option --next: is unknow CURL_NEXT="${CURL}" fi -echo_i "Check HTTP with more than 10 headers ($n)" +echo_i "Check HTTP with more than 100 headers ($n)" ret=0 i=0 if [ -x "${CURL_NEXT}" ] ; then # build input stream. : > header.in$n - while test $i -lt 11 + while test $i -lt 101 do printf 'X-Bloat%d: VGhlIG1vc3QgY29tbW9uIHJlYXNvbiBmb3IgYmxvYXRpbmcgaXMgaGF2aW5nIGEgbG90IG9mIGdhcyBpbiB5b3VyIGd1dC4gCg==\r\n' $i >> header.in$n i=$((i+1)) From b1d21c0ece112a196afdda33f96a7ffffb34673d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ondr=CC=8Cej=20Sury=CC=81?= Date: Thu, 10 Nov 2022 16:41:25 +0100 Subject: [PATCH 3/3] Add CHANGES and release note for [GL #3670] (cherry picked from commit c65666dc9742a34395d53bb251df217a2feec56e) --- CHANGES | 4 ++++ doc/notes/notes-current.rst | 4 +++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index b22b434acc..e7cdcdaa06 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +6015. [bug] Some browsers (Firefox) send more than 10 HTTP + headers. Bump the number of allowed HTTP headers + to 100. [GL #3670] + 6013. [bug] Fix a crash that could happen when you change a dnssec-policy zone with NSEC3 to start using inline-signing. [GL #3591] diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index d06d938e2d..9dfbd0b908 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -35,7 +35,9 @@ Feature Changes Bug Fixes ~~~~~~~~~ -- None. +- Increase the number of HTTP headers in the statistics channel from + 10 to 100 to accomodate for some browsers that send more that 10 + headers by default. :gl:`#3670` Known Issues ~~~~~~~~~~~~