Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-10-07 | Document the logger option | Loïc Hoguin | |
2019-10-02 | Fix HTTP/2 CVEs | Loïc Hoguin | |
A number of HTTP/2 CVEs were documented recently: https://www.kb.cert.org/vuls/id/605641/ This commit, along with a few changes and additions in Cowlib, fix or improve protection against all of them. For CVE-2019-9511, also known as Data Dribble, the new option stream_window_data_threshold can be used to control how little the DATA frames that Cowboy sends can get. For CVE-2019-9516, also known as 0-Length Headers Leak, Cowboy will now simply reject streams containing 0-length header names. For CVE-2019-9517, also known as Internal Data Buffering, the backpressure changes were already pretty good at preventing this issue, but a new option max_connection_buffer_size was added for even better control over how much memory we are willing to allocate. For CVE-2019-9512, also known as Ping Flood; CVE-2019-9515, also known as Settings Flood; CVE-2019-9518, also known as Empty Frame Flooding; and similar undocumented scenarios, a frame rate limiting mechanism was added. By default Cowboy will now allow 1000 frames every 10 seconds. This can be configured via max_received_frame_rate. For CVE-2019-9514, also known as Reset Flood, another rate limiting mechanism was added and can be configured via max_reset_stream_rate. By default Cowboy will do up to 10 stream resets every 10 seconds. Finally, nothing was done for CVE-2019-9513, also known as Resource Loop, because Cowboy does not currently implement the HTTP/2 priority mechanism (in parts because these issues were well known from the start). Tests were added for all cases except Internal Data Buffering, which I'm not sure how to test, and Resource Loop, which is not currently relevant. | |||
2019-09-14 | Implement backpressure on cowboy_req:stream_body | Loïc Hoguin | |
This should limit the amount of memory that Cowboy is using when a handler is sending data much faster than the network. The new max_stream_buffer_size is a soft limit and only has an effect when the cowboy_stream_h handler is used. | |||
2019-09-06 | Document unit for options that are in bytes | Loïc Hoguin | |
2019-09-05 | Fix and optimize sending of WINDOW_UPDATE frames | Loïc Hoguin | |
For long-running connections it was possible for the connection window to become larger than allowed by the protocol because the window increases claimed by stream handlers were never reclaimed even if no data was consumed. The new code applies heuristics to fix this and reduce the number of WINDOW_UPDATE frames that are sent. It includes six new options to control that behavior: margin, max and threshold for both the connection and stream windows. The margin is some extra space added on top of the requested read size. The max is the maximum window size at any given time. The threshold is a minimum window size that must be reached before we even consider sending more WINDOW_UPDATE frames. We also avoid sending WINDOW_UPDATE frames when there is already enough space in the window, or when the read size is 0. Cowlib is set to master until a new tag is done. | |||
2018-11-18 | Document cowboy_stream_h/cowboy_compress_h | Loïc Hoguin | |
2018-11-16 | Add the idle_timeout option to HTTP/2 | Loïc Hoguin | |
2018-11-14 | Add some missing items to a few module changelogs | Loïc Hoguin | |
2018-11-14 | Document the proxy_header protocol option | Loïc Hoguin | |
2018-11-03 | Add an option to disable sendfile for a listener | Loïc Hoguin | |
2018-05-02 | Fix cowboy_http2 manual page formatting | Loïc Hoguin | |
[ci skip] | |||
2018-04-28 | Add SETTINGS ack timeout and option settings_timeout | Loïc Hoguin | |
2018-04-27 | Add options controlling maximum h2 frame sizes | Loïc Hoguin | |
2018-04-26 | Add options controlling initial control flow windows | Loïc Hoguin | |
2018-04-25 | Add the max_concurrent_streams h2 option | Loïc Hoguin | |
2018-04-25 | Add options to control h2's SETTINGS_HEADER_TABLE_SIZE | Loïc Hoguin | |
2018-04-04 | Add initial implementation of Websocket over HTTP/2 | Loïc Hoguin | |
Using the current draft: https://tools.ietf.org/html/draft-ietf-httpbis-h2-websockets-01 | |||
2017-06-07 | Remove NumAcceptors argument from start_clear/tls | Loïc Hoguin | |
They are now cowboy:start_clear/3 and cowboy:start_tls/3. The NumAcceptors argument can be specified via the num_acceptor transport option. Ranch has been updated to 1.4.0 to that effect. | |||
2017-05-05 | Add inactivity_timeout and other options improvements | Loïc Hoguin | |
2016-12-22 | Update cowboy_websocket_manual | Loïc Hoguin | |
2016-12-22 | Add the manual for cowboy_http2 | Loïc Hoguin | |