From 19cdee856e75fdf806efce411b48c0f7fdbb6134 Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Wed, 28 Nov 2018 09:02:17 -0800 Subject: [PATCH 1/2] doc: describe current HTTP header size limit Document that the limit was changed from 80KB to 8KB in 186035243. Fixes: https://github.com/nodejs/node/issues/24693 --- doc/api/errors.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/doc/api/errors.md b/doc/api/errors.md index 96ff284c0a4054..1daa8ef4a89d04 100644 --- a/doc/api/errors.md +++ b/doc/api/errors.md @@ -1880,9 +1880,15 @@ Creation of a [`zlib`][] object failed due to incorrect configuration. ### HPE_HEADER_OVERFLOW + Too much HTTP header data was received. In order to protect against malicious or -malconfigured clients, if more than 80KB of HTTP header data is received then +malconfigured clients, if more than 8KB of HTTP header data is received then HTTP parsing will abort without a request or response object being created, and an `Error` with this code will be emitted. From bb3d6724f91cc366a5f148d994b45f45ffb7470d Mon Sep 17 00:00:00 2001 From: Vse Mozhet Byt Date: Wed, 28 Nov 2018 10:28:59 -0800 Subject: [PATCH 2/2] fixup Co-Authored-By: sam-github --- doc/api/errors.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api/errors.md b/doc/api/errors.md index 1daa8ef4a89d04..75d0f368ca7c2d 100644 --- a/doc/api/errors.md +++ b/doc/api/errors.md @@ -1884,7 +1884,7 @@ Creation of a [`zlib`][] object failed due to incorrect configuration. changes: - version: REPLACEME pr-url: https://github.com/nodejs/node/commit/186035243fad247e3955f - description: deps,http: http_parser set max header size to 8KB + description: Max header size in `http_parser` was set to 8KB. --> Too much HTTP header data was received. In order to protect against malicious or