NGINX closing connection with GOAWAY if client sends SETTINGS_MAX_HEADER_LIST_SIZE with too large value in initial SETTINGS frame
|Reported by:||Owned by:|
Experienced between Chrome 62.0.3167.0 and above and https://www.123-reg.co.uk, which runs NGINX according to the response headers but I am not able to determine the version. Please contact the site administrator for more information.
If the client does not send a SETTINGS_MAX_HEADER_LIST_SIZE field in the initial settings frame, or sends one with value less than or equal to 32768, then the request succeeds.
If the client sends a SETTINGS_MAX_HEADER_LIST_SIZE value greater than 32768, then NGINX responds with a GOAWAY frame with last_accepted_stream_id = 0, error_code = NO_ERROR, and no debug data.
This, however, does not make sense: the client sending a SETTINGS_MAX_HEADER_LIST_SIZE value tells the server how long response headers the client is willing to accept at maximum. Larger value means the client is willing to accept larger responses. It does not ask or require the server to use more memory.
See https://crbug.com/751642 for Chrome bug.