Silent disconnect on very long request URLs

[kamyuentse]

As iron/iron#563 mentioned, hyper close connection silently on very long request URLs.

The slice of the log shown bellow:

TRACE:hyper::proto::conn                        : Conn::read_head
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 8192])
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 16384])
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 32768])
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 65536])
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 131072])
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 262144])
TRACE:hyper::proto::h1::parse                   : Request.parse([Header; 100], [u8; 524288])
==> DEBUG:hyper::proto::io                          : MAX_BUFFER_SIZE reached, closing
==> TRACE:hyper::proto::conn                        : State::close_read()
==> DEBUG:hyper::proto::conn                        : parse error (Message head is too large) with 524288 bytes

I think hyper should define the MAX_URI_LENGTH, or make it configurable. When the length of a request's URI exceed that value, hyper send a response with 414 (Request URI too long) status code to client instead of closing the connection silently.

[seanmonstar]

Very true, this should likely both be configurable and probably also correctly try to write a 4xx response before closing.

(Also, wow, a URL over 400,000 bytes?!)

[davechallis]

@seanmonstar Yeah, that is a silly URL length :) It came up as we're investigating migrating a Java HTTP service to a Rust one, so have some extensive tests we're running against both to ensure it's suitable for our purposes (as well as usual benchmarks, we're also seeing how it handles broken data, huge data, etc.).