Opened 19 months ago

Closed 4 months ago

#1508 closed defect (duplicate)

When browser access nginx http/2 server with large cookies, nginx don't return HTTP4xx but return http/2 ENHANCE YOUR CALM error.

Reported by: kazuki_yasufuku.dwango.co.jp@… Owned by:
Priority: major Milestone:
Component: nginx-core Version: 1.11.x
Keywords: http/2 Cookie Cc:
uname -a: Linux nicogame-res01-dev 4.12.1-1.el7.elrepo.x86_64 #1 SMP Thu Jul 13 07:25:32 EDT 2017 x86_64 x86_64 x86_64 GNU/Linux
nginx -V: nginx version: nginx/1.11.1 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-11) (GCC) built with LibreSSL 2.4.5 TLS SNI support enabled configure arguments: --prefix=/opt/nginx-1.11.1 --user=nginx --group=nginx --pid-path=/run/nginx-1.11.1.pid --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-http_auth_request_module --with-mail --with-mail_ssl_module --with-file-aio --with-ipv6 --with-http_v2_module --with-debug --with-openssl=/root/libressl-2.4.5 --with-ld-opt=-Wl,-rpath,/opt/luajit-2.0.4/lib --add-module=/root/ngx_devel_kit-0.3.0 --add-module=/root/lua-nginx-module-0.10.7 --add-module=/root/headers-more-nginx-module-0.32 --add-dynamic-module=/root/ngx-signed-cookie-module-0.1

Description

If Browser eat large cookies, nginx enabled http/2 will not return any HTTP response, but disconnect http/2 session.
This behavior has the following problems

  1. Browser cannot display any error page, but display connection error.
  2. No way to delete Browser cookie from server side.
  3. User have no way to know that it's caused by large cookies

To solve this problem, nginx should return customizable 431 HTTP response for these situations to delete large cookies.

When set large cookies and setting error_log to debug, Nginx was logging the request as follows:

2018/03/07 16:29:17 [debug] 118037#0: *105 http2 http header: "accept-language: ja,en-US;q=0.9,en;q=0.8"
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 get indexed header: 32
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 hpack encoded string length: 323
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 add header to hpack table: "cookie: cookieBomb830=aaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 hpack table account: 552 free:3585
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 get indexed header: 32
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 hpack encoded string length: 323
2018/03/07 16:29:17 [debug] 118037#0: *105 posix_memalign: 00007FAA46ECDCB0:1024 @16
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 add header to hpack table: "cookie: cookieBomb831=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 hpack table account: 552 free:3033

(Abbreviation)

2018/03/07 16:29:17 [debug] 118037#0: *105 http2 add header to hpack table: "cookie: cookieBomb859=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 hpack table account: 552 free:232
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 get indexed header: 32
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 hpack encoded string length: 323
2018/03/07 16:29:17 [debug] 118037#0: *105 posix_memalign: 00007FAA46F6B510:1024 @16
2018/03/07 16:29:17 [info] 118037#0: *105 client exceeded http2_max_header_size limit while processing HTTP/2 connection, client: 101.110.31.250, server: 0.0.0.0:443
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 state connection error
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 send GOAWAY frame, status:11
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 frame out: 00007FAA46F49470 sid:0 bl:0 len:8
2018/03/07 16:29:17 [debug] 118037#0: *105 malloc: 00007FAA46F6B920:4096
2018/03/07 16:29:17 [debug] 118037#0: *105 SSL buf copy: 17
2018/03/07 16:29:17 [debug] 118037#0: *105 SSL to write: 17
2018/03/07 16:29:17 [debug] 118037#0: *105 SSL_write: 17
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 frame sent: 00007FAA46F49470 sid:0 bl:0 len:8
2018/03/07 16:29:17 [debug] 118037#0: *105 http2 close stream 1, queued 0, processing 1
2018/03/07 16:29:17 [debug] 118037#0: *105 http close request
2018/03/07 16:29:17 [debug] 118037#0: *105 http log handler
2018/03/07 16:29:17 [debug] 118037#0: *105 free: 00007FAA46ED59E0, unused: 0
2018/03/07 16:29:17 [debug] 118037#0: *105 free: 00007FAA46F3A210, unused: 1163
2018/03/07 16:29:17 [debug] 118037#0: *105 close http connection: 19
2018/03/07 16:29:17 [debug] 118037#0: *105 SSL_shutdown: 1

Change History (2)

comment:1 Changed 19 months ago by kazuki_yasufuku.dwango.co.jp@…

Update: I talked about this ticket at httpwg mailing list.
https://lists.w3.org/Archives/Public/ietf-http-wg/2018AprJun/thread.html#msg27

comment:2 Changed 4 months ago by mdounin

  • Resolution set to duplicate
  • Status changed from new to closed

Closing this as a duplicate of #1520 (which was selected mostly arbitrary among similar tickets, and has a good explanation in it on why nginx closes HTTP/2 connection instead of returning an error; while returning an HTTP error followed by a GOAWAY might be better, this implies layering violation and highly unlikely to be ever implemented).

Note: See TracTickets for help on using tickets.