Alexander Krizhanovsky
Alexander Krizhanovsky
This is a pull request draft, I even didn't compile it yet. Fix #1624 with explicit ALPN verification against the type of the listening socket, inherited by all established sockets.
# Scope ## Caching - [ ] The original report is https://github.com/tempesta-tech/tempesta/issues/1415#issuecomment-641326456 : there are perf profile symbols for hpack in pure HTTP/1 traffic. We sacrificed HTTP/1 performance to make...
At the moment we store URI authority part in `req->host` for HTTP/1, but we have a designated `TFW_HTTP_HDR_H2_AUTHORITY` special header for HTTP/2 for `:authority`. This complicates the logic (e.g. see...
The task is crucial since even with #2074 we barely can handle a case when web content doesn't fit RAM. The failure https://github.com/tempesta-tech/tempesta/issues/2557 also happened due to cache overflown. Depends...
## Scope We support `X-Forwarded-For` header while [RFC 7239](https://tools.ietf.org/html/rfc7239) introduces standard `Forwarded` header which also must be parsed as special header. At least following arguments must be processed: - [X]...
Moved from https://github.com/tempesta-tech/tempesta-test/issues/240 by @KonsKo Frang limit `connection_burst` does not work properly. Client: curl backend: nginx Curl request: `'-Ikf -v -H "Host: tempesta-tech.com:8765" -H "Connection: close"'` Tempesta: ``` frang_limits {...
We need at least minimal HTTP requests normalization (like ngx_http_parse_complex_uri() from Nginx does it). The normalization must be implemented as a part of current HTTP FSM (to avoid double processing...
Currently we process both the URI parts in the same `Req_UriAbsPath` parser state and validate input against the same alphabet. However, if we process them separately and explicitly parse splitting...
## Scope According to [RFC 7540 5.3](https://tools.ietf.org/html/rfc7540#section-5.3) and [RFC 9218](https://datatracker.ietf.org/doc/html/rfc9218) we should schedule or service from the cache requests according to their priority and dependency. Reprioritization also must be implemented....
## Scope At the moment Tempesta FW uses `User-Agent` as part of user fingerprinting. Not only the header is unreliable (e.g. bot nets frequently just set the header to some...