1 files changed, 39 insertions, 2 deletions

diff --git a/doc/src/manual/cowboy_http2.asciidoc b/doc/src/manual/cowboy_http2.asciidoc
index 9be1de8..1d2619c 100644
--- a/doc/src/manual/cowboy_http2.asciidoc
+++ b/doc/src/manual/cowboy_http2.asciidoc
@@ -35,14 +35,17 @@ opts() :: #{
     max_connection_window_size     => 0..16#7fffffff,
     max_decode_table_size          => non_neg_integer(),
     max_encode_table_size          => non_neg_integer(),
+    max_fragmented_header_block_size => 16384..16#7fffffff,
     max_frame_size_received        => 16384..16777215,
     max_frame_size_sent            => 16384..16777215 | infinity,
     max_received_frame_rate        => {pos_integer(), timeout()},
     max_reset_stream_rate          => {pos_integer(), timeout()},
+    max_cancel_stream_rate         => {pos_integer(), timeout()},
     max_stream_buffer_size         => non_neg_integer(),
     max_stream_window_size         => 0..16#7fffffff,
     preface_timeout                => timeout(),
     proxy_header                   => boolean(),
+    reset_idle_timeout_on_send     => boolean(),
     sendfile                       => boolean(),
     settings_timeout               => timeout(),
     stream_handlers                => [module()],
@@ -92,7 +95,10 @@ enable_connect_protocol (false)::
 
 Whether to enable the extended CONNECT method to allow
 protocols like Websocket to be used over an HTTP/2 stream.
-This option is experimental and disabled by default.
++
+For backward compatibility reasons, this option is disabled
+by default. It must be enabled to use Websocket over HTTP/2.
+It will be enabled by default in a future release.
 
 goaway_initial_timeout (1000)::
 
@@ -167,11 +173,25 @@ Maximum header table size in bytes used by the encoder. The server will
 compare this value to what the client advertises and choose the smallest
 one as the encoder's header table size.
 
+max_fragmented_header_block_size (32768)::
+
+Maximum header block size when headers are split over multiple HEADERS
+and CONTINUATION frames. Clients that attempt to send header blocks
+larger than this value will receive an ENHANCE_YOUR_CALM connection
+error. Note that this value is not advertised and should be large
+enough for legitimate requests.
+
 max_frame_size_received (16384)::
 
 Maximum size in bytes of the frames received by the server. This value is
 advertised to the remote endpoint which can then decide to use
 any value lower or equal for its frame sizes.
++
+It is highly recommended to increase this value for performance reasons.
+In a future Cowboy version the default will be increased to 1MB (1048576).
+Too low values may result in very large file uploads failing because
+Cowboy will detect the large number of frames as flood and close the
+connection.
 
 max_frame_size_sent (infinity)::
 
@@ -198,6 +218,14 @@ the number of streams that can be reset over a certain time period.
 The rate is expressed as a tuple `{NumResets, TimeMs}`. This is
 similar to a supervisor restart intensity/period.
 
+max_cancel_stream_rate ({500, 10000})::
+
+Maximum cancel stream rate per connection. This can be used to
+protect against misbehaving or malicious peers, by limiting the
+number of streams that the peer can reset over a certain time period.
+The rate is expressed as a tuple `{NumCancels, TimeMs}`. This is
+similar to a supervisor restart intensity/period.
+
 max_stream_buffer_size (8000000)::
 
 Maximum stream buffer size in bytes. This is a soft limit used
@@ -220,6 +248,11 @@ Whether incoming connections have a PROXY protocol header. The
 proxy information will be passed forward via the `proxy_header`
 key of the Req object.
 
+reset_idle_timeout_on_send (false)::
+
+Whether the `idle_timeout` gets reset when sending data
+to the socket.
+
 sendfile (true)::
 
 Whether the sendfile syscall may be used. It can be useful to disable
@@ -256,6 +289,10 @@ too many `WINDOW_UPDATE` frames.
 
 == Changelog
 
+* *2.11*: Websocket over HTTP/2 is now considered stable.
+* *2.11*: The `reset_idle_timeout_on_send` option was added.
+* *2.11*: Add the option `max_cancel_stream_rate` to protect
+          against another flood scenario.
 * *2.9*: The `goaway_initial_timeout` and `goaway_complete_timeout`
          options were added.
 * *2.8*: The `active_n` option was added.
@@ -283,7 +320,7 @@ too many `WINDOW_UPDATE` frames.
          `max_frame_size_received`, `max_frame_size_sent`
          and `settings_timeout` to configure HTTP/2 SETTINGS
          and related behavior.
-* *2.4*: Add the experimental option `enable_connect_protocol`.
+* *2.4*: Add the option `enable_connect_protocol`.
 * *2.0*: Protocol introduced.
 
 == See also