Issue #3978 - HTTP/2 vulnerabilities.

Fixed load test that required `RateControl.NO_RATE_CONTROL`.

Signed-off-by: Simone Bordet <simone.bordet@gmail.com>
This commit is contained in:
Simone Bordet 2019-08-21 11:36:06 +02:00
parent 5184c4ec3d
commit 32fe4e5ca8
2 changed files with 2 additions and 1 deletions

View File

@ -218,7 +218,6 @@ public class SettingsBodyParser extends BodyParser
public static SettingsFrame parseBody(final ByteBuffer buffer)
{
AtomicReference<SettingsFrame> frameRef = new AtomicReference<>();
// TODO should we do rate control here?
SettingsBodyParser parser = new SettingsBodyParser(new HeaderParser(RateControl.NO_RATE_CONTROL), new Parser.Listener.Adapter()
{
@Override

View File

@ -49,6 +49,7 @@ import org.eclipse.jetty.http2.frames.HeadersFrame;
import org.eclipse.jetty.http2.frames.PingFrame;
import org.eclipse.jetty.http2.frames.ResetFrame;
import org.eclipse.jetty.http2.frames.SettingsFrame;
import org.eclipse.jetty.http2.parser.RateControl;
import org.eclipse.jetty.http2.server.HTTP2ServerConnectionFactory;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.HttpConfiguration;
@ -74,6 +75,7 @@ public class MaxConcurrentStreamsTest extends AbstractTest
{
HTTP2ServerConnectionFactory http2 = new HTTP2ServerConnectionFactory(new HttpConfiguration());
http2.setMaxConcurrentStreams(maxConcurrentStreams);
http2.setRateControl(RateControl.NO_RATE_CONTROL);
prepareServer(http2);
server.setHandler(handler);
server.start();