From 29c0759634300024112538dcd53461f7842f69f7 Mon Sep 17 00:00:00 2001 From: Dan Kegel Date: Fri, 10 Feb 2023 14:00:53 -0800 Subject: [PATCH] Serve: send back 431 error instead of panicking when request header too big This is a POC that's just good enough to pass a smoke test. TODO: - verify that this is the right approach - on total header length too big, send 413 - on URI too long, send 414 - add tests verifying behavior when each part of the request from client is too big - add tests verifying behavior when each part of the response from origin is too big --- fsthttp/handle.go | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/fsthttp/handle.go b/fsthttp/handle.go index 5c817f7..dc19bdb 100644 --- a/fsthttp/handle.go +++ b/fsthttp/handle.go @@ -4,8 +4,11 @@ package fsthttp import ( "context" + "errors" "fmt" "sync" + + "github.com/fastly/compute-sdk-go/internal/abi/fastly" ) var ( @@ -23,11 +26,19 @@ func Serve(h Handler) { ctx, cancel := context.WithCancel(context.Background()) defer cancel() + headerTooLong := false + serveOnce.Do(func() { var err error clientRequest, err = newClientRequest() if err != nil { - panic(fmt.Errorf("create client Request: %w", err)) + status, ok := fastly.IsFastlyError(errors.Unwrap(err)) + if ok && status == fastly.FastlyStatusBufLen { + headerTooLong = true + } + if !headerTooLong { + panic(fmt.Errorf("create client Request: %w", err)) + } } clientResponseWriter, err = newResponseWriter() if err != nil { @@ -36,6 +47,11 @@ func Serve(h Handler) { }) defer clientResponseWriter.Close() + if headerTooLong { + clientResponseWriter.WriteHeader(StatusRequestHeaderFieldsTooLarge) + clientResponseWriter.Write([]byte("Request Header Fields Too Large\n")) + return + } h.ServeHTTP(ctx, clientResponseWriter, clientRequest) }