All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.undertow.UndertowOptions Maven / Gradle / Ivy

Go to download

This artifact provides a single jar that contains all classes required to use remote EJB and JMS, including all dependencies. It is intended for use by those not using maven, maven users should just import the EJB and JMS BOM's instead (shaded JAR's cause lots of problems with maven, as it is very easy to inadvertently end up with different versions on classes on the class path).

There is a newer version: 34.0.0.Final
Show newest version
/*
 * JBoss, Home of Professional Open Source.
 * Copyright 2014 Red Hat, Inc., and individual contributors
 * as indicated by the @author tags.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */

package io.undertow;

import org.xnio.Option;

/**
 * @author Stuart Douglas
 */
public class UndertowOptions {
    /**
     *  The default read timeout to be used by read operations that absolutely require a timeout. Used only when both
     *   READ_TIMEOUT and IDLE_TIMEOUT are not used. 
UNIT: milliseconds. */ public static final int DEFAULT_READ_TIMEOUT = 600000; /** * The maximum size in bytes of a http request header.
UNIT: Bytes. */ public static final Option MAX_HEADER_SIZE = Option.simple(UndertowOptions.class, "MAX_HEADER_SIZE", Integer.class); /** * The default size we allow for the HTTP header.
UNIT: Bytes. */ public static final int DEFAULT_MAX_HEADER_SIZE = 1024 * 1024; /** * The default maximum size of the HTTP entity body.
UNIT: Bytes. */ public static final Option MAX_ENTITY_SIZE = Option.simple(UndertowOptions.class, "MAX_ENTITY_SIZE", Long.class); /** * The default maximum size of the HTTP entity body when using the multitipart parser. Generally this will be larger than {@link #MAX_ENTITY_SIZE}. * * If this is not specified it will be the same as {@link #MAX_ENTITY_SIZE}. */ public static final Option MULTIPART_MAX_ENTITY_SIZE = Option.simple(UndertowOptions.class, "MULTIPART_MAX_ENTITY_SIZE", Long.class); /** * We do not have a default upload limit */ public static final long DEFAULT_MAX_ENTITY_SIZE = -1; /** * If we should buffer pipelined requests. Defaults to false. */ public static final Option BUFFER_PIPELINED_DATA = Option.simple(UndertowOptions.class, "BUFFER_PIPELINED_DATA", Boolean.class); /** * The idle timeout in milliseconds after which the channel will be closed. * * If the underlying channel already has a read or write timeout set the smaller of the two values will be used * for read/write timeouts.
UNIT: Milliseconds. * */ public static final Option IDLE_TIMEOUT = Option.simple(UndertowOptions.class, "IDLE_TIMEOUT", Integer.class); /** * The maximum allowed time of reading HTTP request in milliseconds. * * -1 or missing value disables this functionality.
UNIT: Milliseconds. */ public static final Option REQUEST_PARSE_TIMEOUT = Option.simple(UndertowOptions.class, "REQUEST_PARSE_TIMEOUT", Integer.class); /** * The amount of time the connection can be idle with no current requests before it is closed;
UNIT: Milliseconds. */ public static final Option NO_REQUEST_TIMEOUT = Option.simple(UndertowOptions.class, "NO_REQUEST_TIMEOUT", Integer.class); public static final int DEFAULT_MAX_PARAMETERS = 1000; /** * The maximum number of parameters that will be parsed. This is used to protect against hash vulnerabilities. *

* This applies to both query parameters, and to POST data, but is not cumulative (i.e. you can potentially have * max parameters * 2 total parameters). *

* Defaults to 1000 */ public static final Option MAX_PARAMETERS = Option.simple(UndertowOptions.class, "MAX_PARAMETERS", Integer.class); public static final int DEFAULT_MAX_HEADERS = 200; /** * The maximum number of headers that will be parsed. This is used to protect against hash vulnerabilities. *

* Defaults to 200 */ public static final Option MAX_HEADERS = Option.simple(UndertowOptions.class, "MAX_HEADERS", Integer.class); public static final int DEFAULT_MAX_COOKIES = 200; /** * The maximum number of cookies that will be parsed. This is used to protect against hash vulnerabilities. *

* Defaults to 200 */ public static final Option MAX_COOKIES = Option.simple(UndertowOptions.class, "MAX_COOKIES", Integer.class); /** * If a request comes in with encoded / characters (i.e. %2F), will these be decoded. *

* This can cause security problems if a front end proxy does not perform the same decoding, and as a result * this is disabled by default. *

* Defaults to false *

* See CVE-2007-0450 * @deprecated - this option was interpreted improperly. * @See {@link #DECODE_SLASH} */ public static final Option ALLOW_ENCODED_SLASH = Option.simple(UndertowOptions.class, "ALLOW_ENCODED_SLASH", Boolean.class); /** * If a request comes in with encoded / characters (i.e. %2F), will these be decoded. *

* This can cause security problems if a front end proxy does not perform the same decoding, and as a result * this is disabled by default. *

* If this option is set explicitly, the {@link #ALLOW_ENCODED_SLASH} is ignored. Should default to true *

* See CVE-2007-0450 */ public static final Option DECODE_SLASH = Option.simple(UndertowOptions.class, "DECODE_SLASH", Boolean.class); /** * If this is true then the parser will decode the URL and query parameters using the selected character encoding (UTF-8 by default). If this is false they will * not be decoded. This will allow a later handler to decode them into whatever charset is desired. *

* Defaults to true. */ public static final Option DECODE_URL = Option.simple(UndertowOptions.class, "DECODE_URL", Boolean.class); /** * If this is true then the parser will decode the URL and query parameters using the selected character encoding (UTF-8 by default). If this is false they will * not be decoded. This will allow a later handler to decode them into whatever charset is desired. *

* Defaults to true. */ public static final Option URL_CHARSET = Option.simple(UndertowOptions.class, "URL_CHARSET", String.class); /** * If this is true then a Connection: keep-alive header will be added to responses, even when it is not strictly required by * the specification. *

* Defaults to true */ public static final Option ALWAYS_SET_KEEP_ALIVE = Option.simple(UndertowOptions.class, "ALWAYS_SET_KEEP_ALIVE", Boolean.class); /** * If this is true then a Date header will be added to all responses. The HTTP spec says this header should be added to all * responses, unless the server does not have an accurate clock. *

* Defaults to true */ public static final Option ALWAYS_SET_DATE = Option.simple(UndertowOptions.class, "ALWAYS_SET_DATE", Boolean.class); /** * Maximum size of a buffered request, in bytes *

* Requests are not usually buffered, the most common case is when performing SSL renegotiation for a POST request, and the post data must be fully * buffered in order to perform the renegotiation. *

* Defaults to 16384.
UNIT: Bytes. */ public static final Option MAX_BUFFERED_REQUEST_SIZE = Option.simple(UndertowOptions.class, "MAX_BUFFERED_REQUEST_SIZE", Integer.class); /** * Default value of request buffer.
UNIT: Bytes. */ public static final int DEFAULT_MAX_BUFFERED_REQUEST_SIZE = 16384; /** * If this is true then Undertow will record the request start time, to allow for request time to be logged * * This has a small but measurable performance impact * * default is false */ public static final Option RECORD_REQUEST_START_TIME = Option.simple(UndertowOptions.class, "RECORD_REQUEST_START_TIME", Boolean.class); /** * If this is true then Undertow will allow non-escaped equals characters in unquoted cookie values. *

* Unquoted cookie values may not contain equals characters. If present the value ends before the equals sign. The remainder of the cookie value will be dropped. *

* default is false */ public static final Option ALLOW_EQUALS_IN_COOKIE_VALUE = Option.simple(UndertowOptions.class, "ALLOW_EQUALS_IN_COOKIE_VALUE", Boolean.class); /** * If this is true then Undertow will enable RFC6265 compliant cookie validation for Set-Cookie header instead of legacy backward compatible behavior. * * default is false */ public static final Option ENABLE_RFC6265_COOKIE_VALIDATION = Option.simple(UndertowOptions.class, "ENABLE_RFC6265_COOKIE_VALIDATION", Boolean.class); public static final boolean DEFAULT_ENABLE_RFC6265_COOKIE_VALIDATION = false; /** * If we should attempt to use SPDY for HTTPS connections. * * SPDY is no longer supported, use HTTP/2 instead */ @Deprecated public static final Option ENABLE_SPDY = Option.simple(UndertowOptions.class, "ENABLE_SPDY", Boolean.class); /** * If we should attempt to use HTTP2 for HTTPS connections. */ public static final Option ENABLE_HTTP2 = Option.simple(UndertowOptions.class, "ENABLE_HTTP2", Boolean.class); /** * If connector level statistics should be enabled. This has a slight performance impact, but allows statistics such * as bytes sent/recevied to be monitored. * * If this is passed to the client then client statistics will be enabled. * */ public static final Option ENABLE_STATISTICS = Option.simple(UndertowOptions.class, "ENABLE_STATISTICS", Boolean.class); /** * If connector level statistics should be enabled. This has a slight performance impact, but allows statistics such * as bytes sent/recevied to be monitored. */ @Deprecated public static final Option ENABLE_CONNECTOR_STATISTICS = ENABLE_STATISTICS; /** * If unknown protocols should be allowed. The known protocols are: * * HTTP/0.9 * HTTP/1.0 * HTTP/1.1 * HTTP/2.0 * * If this is false then requests that specify any other protocol will be rejected with a 400 * * Defaults to false */ public static final Option ALLOW_UNKNOWN_PROTOCOLS = Option.simple(UndertowOptions.class, "ALLOW_UNKNOWN_PROTOCOLS", Boolean.class); /** * The size of the header table that is used in the encoder */ public static final Option HTTP2_SETTINGS_HEADER_TABLE_SIZE = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_HEADER_TABLE_SIZE", Integer.class); public static final int HTTP2_SETTINGS_HEADER_TABLE_SIZE_DEFAULT = 4096; /** * If push should be enabled for this connection. */ public static final Option HTTP2_SETTINGS_ENABLE_PUSH = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_ENABLE_PUSH", Boolean.class); /** * The maximum number of concurrent http2 streams. */ public static final Option HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS", Integer.class); public static final int DEFAULT_HTTP2_SETTINGS_MAX_CONCURRENT_STREAMS = -1; /** * Size of initial HTTP2 window. *
UNIT: Bytes. */ public static final Option HTTP2_SETTINGS_INITIAL_WINDOW_SIZE = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_INITIAL_WINDOW_SIZE", Integer.class); /** * Max frame size for HTTP2. *
UNIT: Bytes. */ public static final Option HTTP2_SETTINGS_MAX_FRAME_SIZE = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_MAX_FRAME_SIZE", Integer.class); /** * Deprecated, as it is effectively a duplicate of MAX_HEADER_SIZE * * @see #MAX_HEADER_SIZE */ @Deprecated public static final Option HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE = Option.simple(UndertowOptions.class, "HTTP2_SETTINGS_MAX_HEADER_LIST_SIZE", Integer.class); /** * The maximum amount of padding to send in a HTTP/2 frame. Actual amount will be randomly determined, defaults to Zero.
UNIT: Bytes. */ public static final Option HTTP2_PADDING_SIZE = Option.simple(UndertowOptions.class, "HTTP2_PADDING_SIZE", Integer.class); /** * Undertow keeps a LRU cache of common huffman encodings. This sets the maximum size, setting this to 0 will disable the caching. * */ public static final Option HTTP2_HUFFMAN_CACHE_SIZE = Option.simple(UndertowOptions.class, "HTTP2_HUFFMAN_CACHE_SIZE", Integer.class); /** * The maximum number of concurrent requests that will be processed at a time. This differs from max concurrent streams in that it is not sent to the remote client. * * If the number of pending requests exceeds this number then requests will be queued, the difference between this and max concurrent streams determines * the maximum number of requests that will be queued. * * Queued requests are processed by a priority queue, rather than a FIFO based queue, using HTTP2 stream priority. * * If this number is smaller than or equal to zero then max concurrent streams determines the maximum number of streams that can be run. * * */ public static final Option MAX_CONCURRENT_REQUESTS_PER_CONNECTION = Option.simple(UndertowOptions.class, "MAX_CONCURRENT_REQUESTS_PER_CONNECTION", Integer.class); /** * The maximum number of buffers that will be used before reads are paused in framed protocols. Defaults to 10 */ public static final Option MAX_QUEUED_READ_BUFFERS = Option.simple(UndertowOptions.class, "MAX_QUEUED_READ_BUFFERS", Integer.class); /** * The maximum AJP packet size, default is 8192.
UNIT: Bytes. */ public static final Option MAX_AJP_PACKET_SIZE = Option.simple(UndertowOptions.class, "MAX_AJP_PACKET_SIZE", Integer.class); /** * If this is true then HTTP/1.1 requests will be failed if no host header is present. */ public static final Option REQUIRE_HOST_HTTP11 = Option.simple(UndertowOptions.class, "REQUIRE_HOST_HTTP11", Boolean.class); public static final int DEFAULT_MAX_CACHED_HEADER_SIZE = 150; /** * The maximum size of a header name+value combo that is cached in the per connection cache. Defaults to 150 */ public static final Option MAX_CACHED_HEADER_SIZE = Option.simple(UndertowOptions.class, "MAX_CACHED_HEADER_SIZE", Integer.class); public static final int DEFAULT_HTTP_HEADERS_CACHE_SIZE = 15; /** * The maximum number of headers that are cached per connection. Defaults to 15. If this is set to zero the cache is disabled. */ public static final Option HTTP_HEADERS_CACHE_SIZE = Option.simple(UndertowOptions.class, "HTTP_HEADERS_CACHE_SIZE", Integer.class); /** * If the SSLEngine should prefer the servers cipher version. Only applicable on JDK8+. */ public static final Option SSL_USER_CIPHER_SUITES_ORDER = Option.simple(UndertowOptions.class, "SSL_USER_CIPHER_SUITES_ORDER", Boolean.class); /** * This option forces {@link io.undertow.protocols.ssl.UndertowXnioSsl} to use a specific * name as the {@link javax.net.ssl.SNIHostName} for a client connection. If the option is * not set, the URL hostname is used when available (for URLs that do not use the IP address). * The option can be useful when connecting via IP but want to set a SNI hostname value. */ public static final Option SSL_SNI_HOSTNAME = Option.simple(UndertowOptions.class, "SSL_SNI_HOSTNAME", String.class); public static final Option ALLOW_UNESCAPED_CHARACTERS_IN_URL = Option.simple(UndertowOptions.class,"ALLOW_UNESCAPED_CHARACTERS_IN_URL", Boolean.class); /** * The server shutdown timeout in milliseconds after which the executor will be forcefully shut down interrupting * tasks which are still executing. * * There is no timeout by default.
UNIT: Milliseconds. */ public static final Option SHUTDOWN_TIMEOUT = Option.simple(UndertowOptions.class, "SHUTDOWN_TIMEOUT", Integer.class); /** * The endpoint identification algorithm, the empty string can be used to set none. * * @see javax.net.ssl.SSLParameters#setEndpointIdentificationAlgorithm(String) */ public static final Option ENDPOINT_IDENTIFICATION_ALGORITHM = Option.simple(UndertowOptions.class, "ENDPOINT_IDENTIFICATION_ALGORITHM", String.class); /** * The maximum numbers of frames that can be queued before reads are suspended. Once this number is hit then reads will not be resumed until {@link #QUEUED_FRAMES_LOW_WATER_MARK} * is hit. * * Defaults to 50 */ public static final Option QUEUED_FRAMES_HIGH_WATER_MARK = Option.simple(UndertowOptions.class, "QUEUED_FRAMES_HIGH_WATER_MARK", Integer.class); /** * The point at which reads will resume again after hitting the high water mark * * Defaults to 10 */ public static final Option QUEUED_FRAMES_LOW_WATER_MARK = Option.simple(UndertowOptions.class, "QUEUED_FRAMES_LOW_WATER_MARK", Integer.class); /** * The AJP protocol itself supports the passing of arbitrary request attributes. * The reverse proxy passes various information to the AJP connector using request attributes through AJP protocol. * Unrecognised request attributes will be ignored unless the entire attribute name matches this regular expression. * * If not specified, the default value is null. */ public static final Option AJP_ALLOWED_REQUEST_ATTRIBUTES_PATTERN = Option.simple(UndertowOptions.class, "AJP_ALLOWED_REQUEST_ATTRIBUTES_PATTERN", String.class); /** * If active request tracking should be enabled. This has a slight performance impact, and will only be honored if * ENABLE_STATISTICS is also enabled. * */ public static final Option TRACK_ACTIVE_REQUESTS = Option.simple(UndertowOptions.class, "TRACK_ACTIVE_REQUESTS", Boolean.class); /** * Default value of {@link #RST_FRAMES_TIME_WINDOW} option.
UNIT: Milliseconds. */ public static final int DEFAULT_RST_FRAMES_TIME_WINDOW = 30000; /** * Default value of {@link #MAX_RST_FRAMES_PER_WINDOW} option. */ public static final int DEFAULT_MAX_RST_FRAMES_PER_WINDOW = 200; /** * Window of time per which the number of HTTP2 RST received frames is measured, in milliseconds. * If a number of RST frames bigger than {@link #MAX_RST_FRAMES_PER_WINDOW} is received during this time window, * the server will send a GO_AWAY frame with error code 11 ({@code ENHANCE_YOUR_CALM}) and it will close the connection.
UNIT: Milliseconds. */ public static final Option RST_FRAMES_TIME_WINDOW = Option.simple(UndertowOptions.class, "MAX_RST_STREAM_TIME_WINDOW", Integer.class); /** * Maximum number of HTTP2 RST frames received allowed during a time window. * If a number of RST frames bigger than this limit is received during {@link #RST_FRAMES_TIME_WINDOW} milliseconds, * the server will send a GO_AWAY frame with error code 11 ({@code ENHANCE_YOUR_CALM}) and it will close the connection. */ public static final Option MAX_RST_FRAMES_PER_WINDOW = Option.simple(UndertowOptions.class, "MAX_RST_STREAMS_PER_TIME_WINDOW", Integer.class); private UndertowOptions() { } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy