spring-projects · qct · Aug 28, 2018 · Aug 30, 2018 · Aug 30, 2018
diff --git a/...oconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java b/...oconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java
@@ -83,7 +83,7 @@ public class ServerProperties {
 	/**
 	 * Maximum size, in bytes, of the HTTP message header.
 	 */
-	private int maxHttpHeaderSize = 0; // bytes
+	private int maxHttpHeaderSize = 8192;
 
 	/**
 	 * Time that connectors wait for another HTTP request before closing the connection.
@@ -729,6 +729,11 @@ public static class Jetty {
 		 */
 		private Integer selectors;
 
+		/**
+		 * Maximum size, in bytes, of the HTTP response header.
+		 */
+		private int maxHttpResponseHeaderSize;
+
 		public Accesslog getAccesslog() {
 			return this.accesslog;
 		}
@@ -757,6 +762,14 @@ public void setSelectors(Integer selectors) {
 			this.selectors = selectors;
 		}
 
+		public int getMaxHttpResponseHeaderSize() {
+			return this.maxHttpResponseHeaderSize;
+		}
+
+		public void setMaxHttpResponseHeaderSize(int maxHttpResponseHeaderSize) {
+			this.maxHttpResponseHeaderSize = maxHttpResponseHeaderSize;
+		}
+
 		/**
 		 * Jetty access log properties.
 		 */

diff --git a/.../org/springframework/boot/autoconfigure/web/embedded/JettyWebServerFactoryCustomizer.java b/.../org/springframework/boot/autoconfigure/web/embedded/JettyWebServerFactoryCustomizer.java
@@ -73,9 +73,13 @@ public void customize(ConfigurableJettyWebServerFactory factory) {
 				.to(factory::setAcceptors);
 		propertyMapper.from(jettyProperties::getSelectors).whenNonNull()
 				.to(factory::setSelectors);
-		propertyMapper.from(properties::getMaxHttpHeaderSize).when(this::isPositive)
-				.to((maxHttpHeaderSize) -> customizeMaxHttpHeaderSize(factory,
-						maxHttpHeaderSize));
+		propertyMapper.from(properties::getMaxHttpHeaderSize).when(this::isPositive).to(
+				(maxHttpRequestHeaderSize) -> customizeMaxHttpRequestHeaderSize(factory,
+						maxHttpRequestHeaderSize));
+		propertyMapper.from(jettyProperties::getMaxHttpResponseHeaderSize)
+				.when(this::isPositive)
+				.to((maxHttpResponseHeaderSize) -> customizeMaxHttpResponseHeaderSize(
+						factory, maxHttpResponseHeaderSize));
 		propertyMapper.from(jettyProperties::getMaxHttpPostSize).when(this::isPositive)
 				.to((maxHttpPostSize) -> customizeMaxHttpPostSize(factory,
 						maxHttpPostSize));
@@ -112,8 +116,8 @@ private void customizeConnectionTimeout(ConfigurableJettyWebServerFactory factor
 		});
 	}
 
-	private void customizeMaxHttpHeaderSize(ConfigurableJettyWebServerFactory factory,
-			int maxHttpHeaderSize) {
+	private void customizeMaxHttpRequestHeaderSize(
+			ConfigurableJettyWebServerFactory factory, int maxHttpRequestHeaderSize) {
 		factory.addServerCustomizers(new JettyServerCustomizer() {
 
 			@Override
@@ -132,8 +136,34 @@ public void customize(Server server) {
 
 			private void customize(HttpConfiguration.ConnectionFactory factory) {
 				HttpConfiguration configuration = factory.getHttpConfiguration();
-				configuration.setRequestHeaderSize(maxHttpHeaderSize);
-				configuration.setResponseHeaderSize(maxHttpHeaderSize);
+				configuration.setRequestHeaderSize(maxHttpRequestHeaderSize);
+			}
+
+		});
+	}
+
+	private void customizeMaxHttpResponseHeaderSize(
+			ConfigurableJettyWebServerFactory factory,
+			Integer maxHttpResponseHeaderSize) {
+		factory.addServerCustomizers(new JettyServerCustomizer() {
+
+			@Override
+			public void customize(Server server) {
+				for (org.eclipse.jetty.server.Connector connector : server
+						.getConnectors()) {
+					for (ConnectionFactory connectionFactory : connector
+							.getConnectionFactories()) {
+						if (connectionFactory instanceof HttpConfiguration.ConnectionFactory) {
+							customize(
+									(HttpConfiguration.ConnectionFactory) connectionFactory);
+						}
+					}
+				}
+			}
+
+			private void customize(HttpConfiguration.ConnectionFactory factory) {
+				HttpConfiguration configuration = factory.getHttpConfiguration();
+				configuration.setResponseHeaderSize(maxHttpResponseHeaderSize);
 			}
 
 		});

diff --git a/.../org/springframework/boot/autoconfigure/web/embedded/NettyWebServerFactoryCustomizer.java b/.../org/springframework/boot/autoconfigure/web/embedded/NettyWebServerFactoryCustomizer.java
@@ -18,7 +18,9 @@
 
 import org.springframework.boot.autoconfigure.web.ServerProperties;
 import org.springframework.boot.cloud.CloudPlatform;
+import org.springframework.boot.context.properties.PropertyMapper;
 import org.springframework.boot.web.embedded.netty.NettyReactiveWebServerFactory;
+import org.springframework.boot.web.embedded.netty.NettyServerCustomizer;
 import org.springframework.boot.web.server.WebServerFactoryCustomizer;
 import org.springframework.core.Ordered;
 import org.springframework.core.env.Environment;
@@ -51,6 +53,11 @@ public int getOrder() {
 	public void customize(NettyReactiveWebServerFactory factory) {
 		factory.setUseForwardHeaders(
 				getOrDeduceUseForwardHeaders(this.serverProperties, this.environment));
+		PropertyMapper propertyMapper = PropertyMapper.get();
+		propertyMapper.from(this.serverProperties::getMaxHttpHeaderSize)
+				.when(this::isPositive)
+				.to((maxHttpRequestHeaderSize) -> customizeMaxHttpHeaderSize(factory,
+						maxHttpRequestHeaderSize));
 	}
 
 	private boolean getOrDeduceUseForwardHeaders(ServerProperties serverProperties,
@@ -62,4 +69,15 @@ private boolean getOrDeduceUseForwardHeaders(ServerProperties serverProperties,
 		return platform != null && platform.isUsingForwardHeaders();
 	}
 
+	private void customizeMaxHttpHeaderSize(NettyReactiveWebServerFactory factory,
+			Integer maxHttpHeaderSize) {
+		factory.addServerCustomizers((NettyServerCustomizer) (httpServer) -> httpServer
+				.httpRequestDecoder((httpRequestDecoderSpec) -> httpRequestDecoderSpec
+						.maxHeaderSize(maxHttpHeaderSize)));
+	}
+
+	private boolean isPositive(Integer value) {
+		return value > 0;
+	}
+
 }
diff --git a/...igure/src/test/java/org/springframework/boot/autoconfigure/web/ServerPropertiesTests.java b/...igure/src/test/java/org/springframework/boot/autoconfigure/web/ServerPropertiesTests.java
@@ -168,6 +168,13 @@ public void testCustomizeJettyAccessLog() {
 		assertThat(jetty.getAccesslog().isAppend()).isTrue();
 	}
 
+	@Test
+	public void customizeMaxHttpResponseHeaderSize() {
+		bind("server.jetty.max-http-response-header-size", "2048");
+		ServerProperties.Jetty jetty = this.properties.getJetty();
+		assertThat(jetty.getMaxHttpResponseHeaderSize()).isEqualTo(2048);
+	}
+
 	private void bind(String name, String value) {
 		bind(Collections.singletonMap(name, value));
 	}

diff --git a/...springframework/boot/autoconfigure/web/embedded/JettyWebServerFactoryCustomizerTests.java b/...springframework/boot/autoconfigure/web/embedded/JettyWebServerFactoryCustomizerTests.java
@@ -21,6 +21,9 @@
 import java.util.Locale;
 import java.util.TimeZone;
 
+import org.eclipse.jetty.server.Connector;
+import org.eclipse.jetty.server.HttpConfiguration;
+import org.eclipse.jetty.server.HttpConfiguration.ConnectionFactory;
 import org.eclipse.jetty.server.NCSARequestLog;
 import org.eclipse.jetty.server.RequestLog;
 import org.junit.Before;
@@ -140,6 +143,21 @@ public void setUseForwardHeaders() {
 		verify(factory).setUseForwardHeaders(true);
 	}
 
+	@Test
+	public void customizeMaxHttpResponseHeaderSize() {
+		bind("server.jetty.max-http-response-header-size=2048");
+		JettyWebServer server = customizeAndGetServer();
+		for (Connector connector : server.getServer().getConnectors()) {
+			connector.getConnectionFactories().stream()
+					.filter((factory) -> factory instanceof ConnectionFactory)
+					.forEach((cf) -> {
+						ConnectionFactory factory = (ConnectionFactory) cf;
+						HttpConfiguration configuration = factory.getHttpConfiguration();
+						assertThat(configuration.getResponseHeaderSize()).isEqualTo(2048);
+					});
+		}
+	}
+
 	private void bind(String... inlinedProperties) {
 		TestPropertySourceUtils.addInlinedPropertiesToEnvironment(this.environment,
 				inlinedProperties);