What works:
- HTTP/2 over TLS1.2 with ALPN
- Request and response flow
- Headers are compressed and decompressed with HPACK
- Request body can be read by streams (if present)
- MVC template app with individual auth works fine
- PRIORITY frames are validated
- RST_STREAM frames are validated and abort streams
- SETTINGS frames are validated and ACKed
- PING frames are validated and ACKed
- GOAWAY frames stop connections
- WINDOW_UPDATE frames are validated
- CONTINUATION frames are sent for large header blocks
What doesn't work yet:
- Flow control in either direction
- It's not possible to encode a single header across more than one frame
- Affects only a very large header (name and value combined ~16KB long)
- Request trailers
- Response trailers
- Limits and timeouts in `KestrelServerLimits` are not enforced on HTTP/2
- HPACK use is very limited on the send side
- Literals are not Huffman-encoded
- Common headers (e.g. "server: Kestrel") are never indexed
- Honoring client settings
- Some error checking is still missing (e.g. validating incoming frame size)
- Added new options to allow configuring the maximum number of concurrent connections and upgraded connections.
- `KestrelServerLimits.MaxConcurrentConnections` defaults unlimited.
- `KestrelServerLimits.MaxConcurrentUpgradedConnections` defaults to unlimited.
- Calls to IHttpUpgradeFeature.UpgradeAsync() will throw when the MaxConcurrentUpgradedConnections limit has been reached.
- Kestrel will close new connections without response when MaxConcurrentConnections is reached.
Improves Kestrel to reject requests that don't conform to HTTP spec.
RFC 7230 section 5.4: "A server MUST respond with a 400 (Bad Request)
status code to any HTTP/1.1 request message that lacks a Host header
field and to any request message that contains more than one Host
header field or a Host header field with an invalid field-value."
See https://tools.ietf.org/html/rfc7230#section-5.4.
Other changes:
- update VS code settings to work better with CLI 2.0
- update tests that were subject to infinite hangs
Cesar Blum Silveira
Nate McMaster
Nate McMaster