id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
793	HTTP/2 defaults differ from spdy/http, change of behavior with default configs.	Pyry Hakulinen	Valentin V. Bartenev	"Maximum length for single header (and in total) for http, https, and spdy uses:

{{{
large_client_header_buffers 4 8k;
}}}

But HTTP/2 module defaults to:

{{{
http2_max_field_size 4k;
http2_max_header_size 16k;
}}}

This leads to situation that very long header lines worked with SPDY, but will now break with HTTP/2. Also it leads to inconsistent functionality/limits between http/1.x and http/2.0

For backwards compatibility I would suggest changing HTTP/2 defaults to 8k and 32k.

Steps to reproduce (Using Chrome and patch.http2-v6_1.9.4.txt) : 
1) setup http/2 nginx server with minimal config (allow http and http/2)
2) Go to http://server
3) Set 2 cookies using javascript:
{{{
document.cookie=""username="" + ""a"".repeat(3000);document.cookie=""username2="" + ""a"".repeat(3000);
}}}
4) Reload the page, and it will work just fine
4) Navigate to https://server and you will get a Chrome error page saying ""ERR_CONNECTION_CLOSED"", because header length is too long.

Also (while probably not directly related) you will not get any error page, the connection will just close, on http if you go over the 8k limit you will see the default error page:

{{{
400 Bad Request

Request Header Or Cookie Too Large
}}}"	defect	closed	minor		nginx-module	1.9.x	invalid	http2		Linux hostname 3.16.0-0.bpo.4-amd64 #1 SMP Debian 3.16.7-ckt2-1~bpo70+1 (2014-12-08) x86_64 GNU/Linux	"nginx version: nginx/1.9.4
built by gcc 4.7.2 (Debian 4.7.2-5) 
built with OpenSSL 1.0.2d 9 Jul 2015
TLS SNI support enabled
configure arguments: --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --conf-path=/usr/local/etc/nginx.conf --error-log-path=/var/log/nginx/error_log --http-log-path=/var/log/nginx/access_log --sbin-path=/usr/local/sbin/nginx --with-openssl=../openssl-1.0.2d/ --with-http_auth_request_module --with-threads --with-file-aio --add-module=../ngx_cache_purge-2.3/ --with-debug"