mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-03-05 10:58:14 +00:00
haproxy public development tree
39a0a1e120
As reported by @jinsubsim in github issue #1498, there is an interoperability issue between nghttp2 as a client and a few servers among which haproxy (in fact likely all those which do not make use of the dynamic headers table in responses or which do not intend to use a larger table), when reducing the header table size below 4096. These are easily testable this way: nghttp -v -H":method: HEAD" --header-table-size=0 https://$SITE It will result in a compression error for those which do not start with an HPACK dynamic table size update opcode. There is a possible interpretation of the H2 and HPACK specs that says that an HPACK encoder must send an HPACK headers table update confirming the new size it will be using after having acknowledged it, because since it's possible for a decoder to advertise a late SETTINGS and change it after transfers have begun, the initially advertised value might very well be seen as a first change from the initial setting, and the HPACK spec doesn't specify the side which causes the change that triggers a DTSU update, which was essentially summed up in this question from nghttp2's author when this issue was already raised 6 years ago, but which didn't really find a solid response by then: https://lists.w3.org/Archives/Public/ietf-http-wg/2015OctDec/0107.html The ongoing consensus based on what some servers are doing and that aims at limiting interoperability issues seems to be that a DTSU is expected for each reduction from the current size, which should be reflected in the next revision of the H2 spec: https://github.com/httpwg/http2-spec/pull/1005 Given that we do not make use of this table we can emit a DTSU of zero before encoding any HPACK frame. However, some clients do not support receiving DTSU with such values (e.g. VTest) so we cannot do it inconditionnally! The current patch aims at sticking as close to the spec as possible by proceeding this way: - when a SETTINGS_HEADER_TABLE_SIZE is received, a flag is set indicating that the value changed - before sending any HPACK frame, this flag is checked to see if an update is wanted and if none was sent - in this case a DTSU of size zero is emitted and a flag is set to mention it was emitted so that it never has to be sent again This addresses the problem with nghttp2 without affecting VTest. More context is available here: https://github.com/nghttp2/nghttp2/issues/1660 https://lists.w3.org/Archives/Public/ietf-http-wg/2021OctDec/0235.html Many thanks to @jinsubsim for this report and participating to the issue that led to an improvement of the H2 spec. This should be backported to stable releases in a timely manner, ideally as far as 2.4 once the h2spec update is merged, then to other versions after a few months of observation or in case an issue around this is reported. |
||
|---|---|---|
| .github | ||
| addons | ||
| admin | ||
| dev | ||
| doc | ||
| examples | ||
| include | ||
| reg-tests | ||
| scripts | ||
| src | ||
| tests | ||
| .cirrus.yml | ||
| .gitattributes | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| BRANCHES | ||
| CHANGELOG | ||
| CONTRIBUTING | ||
| INSTALL | ||
| LICENSE | ||
| MAINTAINERS | ||
| Makefile | ||
| README | ||
| ROADMAP | ||
| SUBVERS | ||
| VERDATE | ||
| VERSION | ||
The HAProxy documentation has been split into a number of different files for ease of use. Please refer to the following files depending on what you're looking for : - INSTALL for instructions on how to build and install HAProxy - BRANCHES to understand the project's life cycle and what version to use - LICENSE for the project's license - CONTRIBUTING for the process to follow to submit contributions The more detailed documentation is located into the doc/ directory : - doc/intro.txt for a quick introduction on HAProxy - doc/configuration.txt for the configuration's reference manual - doc/lua.txt for the Lua's reference manual - doc/SPOE.txt for how to use the SPOE engine - doc/network-namespaces.txt for how to use network namespaces under Linux - doc/management.txt for the management guide - doc/regression-testing.txt for how to use the regression testing suite - doc/peers.txt for the peers protocol reference - doc/coding-style.txt for how to adopt HAProxy's coding style - doc/internals for developer-specific documentation (not all up to date)