An ability to terminate the underlying connection abruptly
yrashk opened this issue · comments
In some cases, like dealing with slow senders or otherwise abusive requesters, it may be desirable to terminate the underlying connection. I've looked around and couldn't find a well-exposed API to do this.
Assuming I am right and this is not possible right now, would such functionality be welcomed through a PR?
Thank you for raising the idea.
For slow senders, I think timeouts would be suffice. Are you looking for a specific type of timeout that is missing?
Re closing a connection to abusive requests. Yes, I think it makes sense.
Assuming that you are using h2o as a reverse proxy, we have a boolean configuration parameter called proxy.forward.close-connection
that closes the downstream HTTP connection if upstream sends connection: close
.
This mechanism has three issues:
- i) It works only for HTTP/1.
- ii) It only works for h2o running as a reverse proxy. If your application is connected through fastcgi, it does not work.
- iii) Some people want to use non-keep-alive connections to backend servers (i.e., backend server sends
connection: close
), but not close the connection to the client. These people have to turn this option off.
I think it makes sense to define a header field that instructs h2o to close the connection, which would be recognized by protocol handlers of all HTTP versions (e.g., lib/http1.c, lib/http2/stream.c, lib/http3/server.c). That'd fix the 2nd point as well.
@kazuho thank you so much for such a detailed response.
In my particular case, I use H2O through libh2o, and I am looking for a programmatic way to terminate the entire connection (in the case of TCP connections, to be more specific) at will.