nodejs
diff --git a/Collapse file
‎doc/api/errors.md‎
Copy file name to clipboardExpand all lines: doc/api/errors.md
+5Lines changed: 5 additions & 0 deletions
Display the source diff
Display the rich diff b/Collapse file
‎doc/api/errors.md‎
Copy file name to clipboardExpand all lines: doc/api/errors.md
+5Lines changed: 5 additions & 0 deletions
Display the source diff
Display the rich diff
diff --git a/Collapse file
‎doc/api/http.md‎
Copy file name to clipboardExpand all lines: doc/api/http.md
+17Lines changed: 17 additions & 0 deletions
Display the source diff
Display the rich diff b/Collapse file
‎doc/api/http.md‎
Copy file name to clipboardExpand all lines: doc/api/http.md
+17Lines changed: 17 additions & 0 deletions
Display the source diff
Display the rich diff
diff --git a/Collapse file
‎doc/api/https.md‎
Copy file name to clipboardExpand all lines: doc/api/https.md
+10Lines changed: 10 additions & 0 deletions
Display the source diff
Display the rich diff b/Collapse file
‎doc/api/https.md‎
Copy file name to clipboardExpand all lines: doc/api/https.md
+10Lines changed: 10 additions & 0 deletions
Display the source diff
Display the rich diff
diff --git a/Collapse file
‎lib/_http_common.js‎
Copy file name to clipboardExpand all lines: lib/_http_common.js
+8Lines changed: 8 additions & 0 deletions b/Collapse file
‎lib/_http_common.js‎
Copy file name to clipboardExpand all lines: lib/_http_common.js
+8Lines changed: 8 additions & 0 deletions
diff --git a/Collapse file
‎lib/_http_server.js‎
Copy file name to clipboardExpand all lines: lib/_http_server.js
+83-2Lines changed: 83 additions & 2 deletions b/Collapse file
‎lib/_http_server.js‎
Copy file name to clipboardExpand all lines: lib/_http_server.js
+83-2Lines changed: 83 additions & 2 deletions
diff --git a/Collapse file
‎lib/https.js‎
Copy file name to clipboardExpand all lines: lib/https.js
+1Lines changed: 1 addition & 0 deletions b/Collapse file
‎lib/https.js‎
Copy file name to clipboardExpand all lines: lib/https.js
+1Lines changed: 1 addition & 0 deletions
diff --git a/Collapse file
‎lib/internal/errors.js‎
Copy file name to clipboardExpand all lines: lib/internal/errors.js
+1Lines changed: 1 addition & 0 deletions b/Collapse file
‎lib/internal/errors.js‎
Copy file name to clipboardExpand all lines: lib/internal/errors.js
+1Lines changed: 1 addition & 0 deletions
diff --git a/Collapse file
‎src/node_http_parser.cc‎
Copy file name to clipboardExpand all lines: src/node_http_parser.cc
+22-6Lines changed: 22 additions & 6 deletions b/Collapse file
‎src/node_http_parser.cc‎
Copy file name to clipboardExpand all lines: src/node_http_parser.cc
+22-6Lines changed: 22 additions & 6 deletions
diff --git a/Collapse file
‎test/parallel/test-http-server-request-timeout-delayed-body.js‎
Copy file name to clipboard
+62Lines changed: 62 additions & 0 deletions b/Collapse file
‎test/parallel/test-http-server-request-timeout-delayed-body.js‎
Copy file name to clipboard
+62Lines changed: 62 additions & 0 deletions
@@ -940,6 +940,11 @@ allowed size for a `Buffer`.
 An invalid symlink type was passed to the [`fs.symlink()`][] or
 [`fs.symlinkSync()`][] methods.
 
+<a id="ERR_HTTP_REQUEST_TIMEOUT"></a>
+### `ERR_HTTP_REQUEST_TIMEOUT`
+
+The client has not sent the entire request within the allowed time.
+
 <a id="ERR_HTTP_HEADERS_SENT"></a>
 ### `ERR_HTTP_HEADERS_SENT`
 
 
@@ -1256,6 +1256,23 @@ added: v0.7.0
 
 Limits maximum incoming headers count. If set to 0, no limit will be applied.
 
+### `server.requestTimeout`
+<!-- YAML
+added: REPLACEME
+-->
+
+* {number} **Default:** `0`
+
+Sets the timeout value in milliseconds for receiving the entire request from
+the client.
+
+If the timeout expires, the server responds with status 408 without
+forwarding the request to the request listener and then closes the connection.
+
+It must be set to a non-zero value (e.g. 120 seconds) to proctect against
+potential Denial-of-Service attacks in case the server is deployed without a
+reverse proxy in front.
+
 ### `server.setTimeout([msecs][, callback])`
 <!-- YAML
 added: v0.9.12
 
@@ -113,6 +113,15 @@ This method is identical to [`server.listen()`][] from [`net.Server`][].
 
 See [`http.Server#maxHeadersCount`][].
 
+### `server.requestTimeout`
+<!-- YAML
+added: REPLACEME
+-->
+
+* {number} **Default:** `0`
+
+See [`http.Server#requestTimeout`][].
+
 ### `server.setTimeout([msecs][, callback])`
 <!-- YAML
 added: v0.11.2
@@ -449,6 +458,7 @@ headers: max-age=0; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; p
 [`http.Server#headersTimeout`]: http.html#http_server_headerstimeout
 [`http.Server#keepAliveTimeout`]: http.html#http_server_keepalivetimeout
 [`http.Server#maxHeadersCount`]: http.html#http_server_maxheaderscount
+[`http.Server#requestTimeout`]: http.html#http_server_requesttimeout
 [`http.Server#setTimeout()`]: http.html#http_server_settimeout_msecs_callback
 [`http.Server#timeout`]: http.html#http_server_timeout
 [`http.Server`]: http.html#http_class_http_server
 
@@ -44,6 +44,7 @@ let debug = require('internal/util/debuglog').debuglog('http', (fn) => {
 });
 
 const kIncomingMessage = Symbol('IncomingMessage');
+const kRequestTimeout = Symbol('RequestTimeout');
 const kOnHeaders = HTTPParser.kOnHeaders | 0;
 const kOnHeadersComplete = HTTPParser.kOnHeadersComplete | 0;
 const kOnBody = HTTPParser.kOnBody | 0;
@@ -99,6 +100,12 @@ function parserOnHeadersComplete(versionMajor, versionMinor, headers, method,
   incoming.url = url;
   incoming.upgrade = upgrade;
 
+  if (socket) {
+    debug('requestTimeout timer moved to req');
+    incoming[kRequestTimeout] = incoming.socket[kRequestTimeout];
+    incoming.socket[kRequestTimeout] = undefined;
+  }
+
   let n = headers.length;
 
   // If parser.maxHeaderPairs <= 0 assume that there's no limit.
@@ -264,6 +271,7 @@ module.exports = {
   methods,
   parsers,
   kIncomingMessage,
+  kRequestTimeout,
   HTTPParser,
   isLenient,
   prepareError,
 
@@ -40,6 +40,7 @@ const {
   continueExpression,
   chunkExpression,
   kIncomingMessage,
+  kRequestTimeout,
   HTTPParser,
   isLenient,
   _checkInvalidHeaderChar: checkInvalidHeaderChar,
@@ -57,6 +58,7 @@ const {
 } = require('internal/async_hooks');
 const { IncomingMessage } = require('_http_incoming');
 const {
+  ERR_HTTP_REQUEST_TIMEOUT,
   ERR_HTTP_HEADERS_SENT,
   ERR_HTTP_INVALID_STATUS_CODE,
   ERR_INVALID_ARG_TYPE,
@@ -72,6 +74,7 @@ const {
   DTRACE_HTTP_SERVER_RESPONSE
 } = require('internal/dtrace');
 const { observerCounts, constants } = internalBinding('performance');
+const { setTimeout, clearTimeout } = require('timers');
 const { NODE_PERFORMANCE_ENTRY_TYPE_HTTP } = constants;
 
 const kServerResponse = Symbol('ServerResponse');
@@ -143,6 +146,7 @@ const STATUS_CODES = {
   511: 'Network Authentication Required' // RFC 6585 6
 };
 
+const kOnMessageBegin = HTTPParser.kOnMessageBegin | 0;
 const kOnExecute = HTTPParser.kOnExecute | 0;
 const kOnTimeout = HTTPParser.kOnTimeout | 0;
 
@@ -360,6 +364,7 @@ function Server(options, requestListener) {
   this.keepAliveTimeout = 5000;
   this.maxHeadersCount = null;
   this.headersTimeout = 60 * 1000; // 60 seconds
+  this.requestTimeout = 0; // 120 seconds
 }
 ObjectSetPrototypeOf(Server.prototype, net.Server.prototype);
 ObjectSetPrototypeOf(Server, net.Server);
@@ -481,6 +486,16 @@ function connectionListenerInternal(server, socket) {
   parser[kOnTimeout] =
     onParserTimeout.bind(undefined, server, socket);
 
+  // When receiving new requests on the same socket (pipelining or keep alive)
+  // make sure the requestTimeout is active.
+  parser[kOnMessageBegin] =
+    setRequestTimeout.bind(undefined, server, socket);
+
+  // This protects from DOS attack where an attacker establish the connection
+  // without sending any data on applications where server.timeout is left to
+  // the default value of zero.
+  setRequestTimeout(server, socket);
+
   socket._paused = false;
 }
 
@@ -567,6 +582,11 @@ function socketOnData(server, socket, parser, state, d) {
   onParserExecuteCommon(server, socket, parser, state, ret, d);
 }
 
+function onRequestTimeout(socket) {
+  socket[kRequestTimeout] = undefined;
+  socketOnError.call(socket, new ERR_HTTP_REQUEST_TIMEOUT());
+}
+
 function onParserExecute(server, socket, parser, state, ret) {
   // When underlying `net.Socket` instance is consumed - no
   // `data` events are emitted, and thus `socket.setTimeout` fires the
@@ -589,6 +609,10 @@ const badRequestResponse = Buffer.from(
   `HTTP/1.1 400 ${STATUS_CODES[400]}${CRLF}` +
   `Connection: close${CRLF}${CRLF}`, 'ascii'
 );
+const requestTimeoutResponse = Buffer.from(
+  `HTTP/1.1 408 ${STATUS_CODES[408]}${CRLF}` +
+  `Connection: close${CRLF}${CRLF}`, 'ascii'
+);
 const requestHeaderFieldsTooLargeResponse = Buffer.from(
   `HTTP/1.1 431 ${STATUS_CODES[431]}${CRLF}` +
   `Connection: close${CRLF}${CRLF}`, 'ascii'
@@ -600,8 +624,20 @@ function socketOnError(e) {
 
   if (!this.server.emit('clientError', e, this)) {
     if (this.writable && this.bytesWritten === 0) {
-      const response = e.code === 'HPE_HEADER_OVERFLOW' ?
-        requestHeaderFieldsTooLargeResponse : badRequestResponse;
+      let response;
+
+      switch (e.code) {
+        case 'HPE_HEADER_OVERFLOW':
+          response = requestHeaderFieldsTooLargeResponse;
+          break;
+        case 'ERR_HTTP_REQUEST_TIMEOUT':
+          response = requestTimeoutResponse;
+          break;
+        default:
+          response = badRequestResponse;
+          break;
+      }
+
       this.write(response);
     }
     this.destroy(e);
@@ -641,11 +677,20 @@ function onParserExecuteCommon(server, socket, parser, state, ret, d) {
       const bodyHead = d.slice(ret, d.length);
 
       socket.readableFlowing = null;
+
+      // Clear the requestTimeout after upgrading the connection.
+      clearRequestTimeout(req);
+
       server.emit(eventName, req, socket, bodyHead);
     } else {
       // Got CONNECT method, but have no handler.
       socket.destroy();
     }
+  } else {
+    // When receiving new requests on the same socket (pipelining or keep alive)
+    // make sure the requestTimeout is active.
+    parser[kOnMessageBegin] =
+      setRequestTimeout.bind(undefined, server, socket);
   }
 
   if (socket._paused && socket.parser) {
@@ -671,6 +716,32 @@ function clearIncoming(req) {
   }
 }
 
+function setRequestTimeout(server, socket) {
+  // Set the request timeout handler.
+  if (
+    !socket[kRequestTimeout] &&
+    server.requestTimeout && server.requestTimeout > 0
+  ) {
+    debug('requestTimeout timer set');
+    socket[kRequestTimeout] =
+      setTimeout(onRequestTimeout, server.requestTimeout, socket).unref();
+  }
+}
+
+function clearRequestTimeout(req) {
+  if (!req) {
+    req = this;
+  }
+
+  if (!req[kRequestTimeout]) {
+    return;
+  }
+
+  debug('requestTimeout timer cleared');
+  clearTimeout(req[kRequestTimeout]);
+  req[kRequestTimeout] = undefined;
+}
+
 function resOnFinish(req, res, socket, state, server) {
   // Usually the first incoming element should be our request.  it may
   // be that in the case abortIncoming() was called that the incoming
@@ -685,6 +756,14 @@ function resOnFinish(req, res, socket, state, server) {
   if (!req._consuming && !req._readableState.resumeScheduled)
     req._dump();
 
+  // Make sure the requestTimeout is cleared before finishing.
+  // This might occur if the application has sent a response
+  // without consuming the request body, which would have alredy
+  // cleared the timer.
+  // clearRequestTimeout can be executed even if the timer is not active,
+  // so this is safe.
+  clearRequestTimeout(req);
+
   res.detachSocket(socket);
   clearIncoming(req);
   process.nextTick(emitCloseNT, res);
@@ -779,6 +858,8 @@ function parserOnIncoming(server, socket, state, req, keepAlive) {
       res.end();
     }
   } else {
+    req.on('end', clearRequestTimeout);
+
     server.emit('request', req, res);
   }
   return 0;  // No special treatment.
 
@@ -80,6 +80,7 @@ function Server(opts, requestListener) {
   this.keepAliveTimeout = 5000;
   this.maxHeadersCount = null;
   this.headersTimeout = 60 * 1000; // 60 seconds
+  this.requestTimeout = 120 * 1000; // 120 seconds
 }
 ObjectSetPrototypeOf(Server.prototype, tls.Server.prototype);
 ObjectSetPrototypeOf(Server, tls.Server);
 
@@ -936,6 +936,7 @@ E('ERR_HTTP_HEADERS_SENT',
 E('ERR_HTTP_INVALID_HEADER_VALUE',
   'Invalid value "%s" for header "%s"', TypeError);
 E('ERR_HTTP_INVALID_STATUS_CODE', 'Invalid status code: %s', RangeError);
+E('ERR_HTTP_REQUEST_TIMEOUT', 'Request timeout', Error);
 E('ERR_HTTP_TRAILER_INVALID',
   'Trailers are invalid with this transfer encoding', Error);
 E('ERR_INCOMPATIBLE_OPTION_PAIR',
 
@@ -69,12 +69,13 @@ using v8::Uint32;
 using v8::Undefined;
 using v8::Value;
 
-const uint32_t kOnHeaders = 0;
-const uint32_t kOnHeadersComplete = 1;
-const uint32_t kOnBody = 2;
-const uint32_t kOnMessageComplete = 3;
-const uint32_t kOnExecute = 4;
-const uint32_t kOnTimeout = 5;
+const uint32_t kOnMessageBegin = 0;
+const uint32_t kOnHeaders = 1;
+const uint32_t kOnHeadersComplete = 2;
+const uint32_t kOnBody = 3;
+const uint32_t kOnMessageComplete = 4;
+const uint32_t kOnExecute = 5;
+const uint32_t kOnTimeout = 6;
 // Any more fields than this will be flushed into JS
 const size_t kMaxHeaderFieldsCount = 32;
 
@@ -204,6 +205,19 @@ class Parser : public AsyncWrap, public StreamListener {
     url_.Reset();
     status_message_.Reset();
     header_parsing_start_time_ = uv_hrtime();
+
+    Local<Value> cb = object()->Get(env()->context(), kOnMessageBegin)
+                              .ToLocalChecked();
+    if (cb->IsFunction()) {
+      InternalCallbackScope callback_scope(
+        this, InternalCallbackScope::kSkipTaskQueues);
+
+      MaybeLocal<Value> r = cb.As<Function>()->Call(
+        env()->context(), object(), 0, nullptr);
+
+      if (r.IsEmpty()) callback_scope.MarkAsFailed();
+    }
+
     return 0;
   }
 
@@ -939,6 +953,8 @@ void InitializeHttpParser(Local<Object> target,
          Integer::New(env->isolate(), HTTP_REQUEST));
   t->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "RESPONSE"),
          Integer::New(env->isolate(), HTTP_RESPONSE));
+  t->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "kOnMessageBegin"),
+         Integer::NewFromUnsigned(env->isolate(), kOnMessageBegin));
   t->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "kOnHeaders"),
          Integer::NewFromUnsigned(env->isolate(), kOnHeaders));
   t->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "kOnHeadersComplete"),
 
@@ -0,0 +1,62 @@
+'use strict';
+
+const common = require('../common');
+const assert = require('assert');
+const { createServer } = require('http');
+const { connect } = require('net');
+
+// This test validates that the server returns 408
+// after server.requestTimeout if the client
+// pauses before start sending the body.
+
+const server = createServer(common.mustCall((req, res) => {
+  let body = '';
+  req.setEncoding('utf-8');
+
+  req.on('data', (chunk) => {
+    body += chunk;
+  });
+
+  req.on('end', () => {
+    res.writeHead(200, { 'Content-Type': 'text/plain' });
+    res.write(body);
+    res.end();
+  });
+}));
+
+// 0 seconds is the default
+assert.strictEqual(server.requestTimeout, 0);
+const requestTimeout = common.platformTimeout(1000);
+server.requestTimeout = requestTimeout;
+assert.strictEqual(server.requestTimeout, requestTimeout);
+
+server.listen(0, common.mustCall(() => {
+  const client = connect(server.address().port);
+  let response = '';
+
+  client.on('data', common.mustCall((chunk) => {
+    response += chunk.toString('utf-8');
+  }));
+
+  client.resume();
+  client.write('POST / HTTP/1.1\r\n');
+  client.write('Content-Length: 20\r\n');
+  client.write('Connection: close\r\n');
+  client.write('\r\n');
+
+  setTimeout(() => {
+    client.write('12345678901234567890\r\n\r\n');
+  }, common.platformTimeout(2000)).unref();
+
+  const errOrEnd = common.mustCall(function(err) {
+    console.log(err);
+    assert.strictEqual(
+      response,
+      'HTTP/1.1 408 Request Timeout\r\nConnection: close\r\n\r\n'
+    );
+    server.close();
+  });
+
+  client.on('end', errOrEnd);
+  client.on('error', errOrEnd);
+}));
Original file line number	Diff line number	Diff line change
`@@ -80,6 +80,7 @@ function Server(opts, requestListener) {`
`80`	`80`	`this.keepAliveTimeout = 5000;`
`81`	`81`	`this.maxHeadersCount = null;`
`82`	`82`	`this.headersTimeout = 60 * 1000; // 60 seconds`
	`83`	`+ this.requestTimeout = 120 * 1000; // 120 seconds`
`83`	`84`	`}`
`84`	`85`	`ObjectSetPrototypeOf(Server.prototype, tls.Server.prototype);`
`85`	`86`	`ObjectSetPrototypeOf(Server, tls.Server);`