How to limit the size of headers?

Question

How to limit the size of headers?

lithbitren opened this issue a year ago · 1 comments

Feature Request

Motivation

Prevent Axum servers from receiving oversized headers to mitigate resource consumption and potential security risks.

Proposal

Implement a configurable header size limit in the Axum framework that rejects requests with large headers during TCP stream parsing and disconnects the connection when exceeded.

Answer 1 · 2024-01-26T21:26:08.000Z

This is something that hyper would handle. At the time a tower service or middleware gets access to a request, all the headers have been read already.

Also please don't open both an issue and a GitHub discussion about the same thing, pick the one that seems the most fitting.