Skip to content

Rebalance Kestrel's Known headers collection #31492

Open
Open
Rebalance Kestrel's Known headers collection#31492
Labels
area-networkingIncludes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractionsdesign-proposalThis issue represents a design proposal for a different issue, linked in the descriptionfeature-kestrel
Milestone
Backlog
@Tratcher

Description

@Tratcher
Tratcher
opened on Apr 2, 2021

Related to (#31374) @halter73 @benaadams @davidfowl

Kestrel has a fancy KnownHeaders collection for efficient handling of common request and response headers.

aspnetcore/src/Servers/Kestrel/shared/KnownHeaders.cs

Lines 16 to 31 in bc1ff6a

public class KnownHeaders
{
public readonly static KnownHeader[] RequestHeaders;
public readonly static KnownHeader[] ResponseHeaders;
public readonly static KnownHeader[] ResponseTrailers;
public readonly static long InvalidH2H3ResponseHeadersBits;
static KnownHeaders()
{
var requestPrimaryHeaders = new[]
{
HeaderNames.Accept,
HeaderNames.Connection,
HeaderNames.Host,
HeaderNames.UserAgent
};

These lists have grown organically and should be revisited. We don't want to add too many entries since it makes the types consume more memory, but we do want to ensure most common headers are represented so we can avoid the slow path.

I've compared the current lists with headers customers have reported seeing in production. Here are some of the discrepancies:

Seen in the wild: Kestrel: Notes
Allow Defined in commonHeaders, but only applies to responses? https://tools.ietf.org/html/rfc7231#section-7.4.1
Authorization
Baggage
authority
bypass
cacheresponse
Client-IP
clientip
Content-Encoding Defined in commonHeaders, but mainly used on responses
Content-Language Defined in commonHeaders, but mainly used on responses
Content-Location Defined in commonHeaders, but mainly used on responses
Content-MD5 Defined in commonHeaders, but mainly used on responses
Content-Range Defined in commonHeaders, but only applies to responses? https://tools.ietf.org/html/rfc7233#section-4.2
ContentType
E2EActivity
el_auth_param
Expires
Forwarded https://tools.ietf.org/html/rfc7239
forwarded-for
gb-branch
gb-no-cache
guzzle-retry
From Uncommon
Grpc-Accept-Encoding
Grpc-Encoding
Grpc-Timeout
http_accept_language
If-Match
If-Modified-Since
If-None-Match
If-Range
If-Unmodified-Since
Keep-Alive
Last-Modified Defined in commonHeaders, but mainly used on responses
LatencyPerfCounterName
Lcid
newrelic
OData-MaxVersion
OData-Version
okversion
postman-token
Proxy-Authorization Kestrel rarely acts as a forward proxy
Prefer https://tools.ietf.org/html/rfc7240
Proxy-Connection
proxy-tool
Request-Context
Save-Data
sec-ch-ua https://wicg.github.io/ua-client-hints/
Sec-Ch-Ua-Mobile
Sec-Fetch-Dest https://w3c.github.io/webappsec-fetch-metadata/#sec-fetch-mode-header
Sec-Fetch-Mode
Sec-Fetch-Site
sec-fetch-user
sec-gpc https://globalprivacycontrol.github.io/gpc-spec/
Sec-GPC
sentry-trace
Soapaction
ssodisabled
Surrogate-Capability
transaction-id
Trailer Defined in commonHeaders, but mainly used on responses
Translate
Upgrade
unique-id
Warning
X_CHAN
X_GLS
X_grg
X_sn
X_ts
X-ARR-LOG-ID
X-ARR-SSL
x-country-code
x-dt-no-cache
x-finder-tools
X-Forwarded-For
x-im-piez
X-IMForwards
X-IWS-Via
x-lgi-host
x-no-varnish
X-Original-URL
x-originating-ip
x-p2p-peerdist
x-p2p-peerdistex
X-ProxyUser-IP
x-remote-addr
x-remote-ip
X-Requested-With
x-serverselect
X-Trace
Xxpect

Metadata

Metadata

Assignees

No one assigned

    Labels

    area-networkingIncludes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractionsdesign-proposalThis issue represents a design proposal for a different issue, linked in the descriptionfeature-kestrel

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions