You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@pekko.apache.org by "mdedetrich (via GitHub)" <gi...@apache.org> on 2023/12/08 00:50:30 UTC
Re: [PR] HTTP/2 rapid reset mitigation [incubator-pekko-http]
mdedetrich commented on code in PR #344:
URL: https://github.com/apache/incubator-pekko-http/pull/344#discussion_r1419806093
##########
http-core/src/main/resources/reference.conf:
##########
@@ -307,6 +307,12 @@ pekko.http {
# Fail the connection if a sent ping is not acknowledged within this timeout.
# When zero the ping-interval is used, if set the value must be evenly divisible by less than or equal to the ping-interval.
ping-timeout = 0s
+
+ # Configure the throttle for Reset Frames (https://github.com/apache/incubator-pekko-http/issues/332)
+ resets-throttle-cost = 100
+ resets-throttle-burst = 100
+ # setting resets-throttle-interval to 0s will disable the throttle
+ resets-throttle-interval = 1s
Review Comment:
Did we make an official decision about whether this mitigation should be enabled by default or not? My memory may be fuzzy but I thought we decided to not have it enabled by default but have the option so people can enable it (in the case they expose pekko-http directly to the internet).
Also not sure if a formal discussion on the mailing list for this is excessive.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@pekko.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@pekko.apache.org
For additional commands, e-mail: notifications-help@pekko.apache.org