Apply MaxResponseHeadersLength limit (#412)HEADmain

2 files changed, 6 insertions, 4 deletions

diff --git a/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/ChunkedEncodingReadStream.cs b/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/ChunkedEncodingReadStream.cs
index d10a2233dc..653f9678ef 100644
--- a/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/ChunkedEncodingReadStream.cs
+++ b/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/ChunkedEncodingReadStream.cs
@@ -21,8 +21,6 @@ namespace System.Net.Http
             /// infinite chunk length is sent.  This value is arbitrary and can be changed as needed.
             /// </remarks>
             private const int MaxChunkBytesAllowed = 16*1024;
-            /// <summary>How long a trailing header can be.  This value is arbitrary and can be changed as needed.</summary>
-            private const int MaxTrailingHeaderLength = 16*1024;
             /// <summary>The number of bytes remaining in the chunk.</summary>
             private ulong _chunkBytesRemaining;
             /// <summary>The current state of the parsing state machine for the chunked response.</summary>
@@ -255,6 +253,9 @@ namespace System.Net.Http
                             else
                             {
                                 _state = ParsingState.ConsumeTrailers;
+                                // Apply the MaxResponseHeadersLength limit to all trailing headers.
+                                // The limit is applied to regular response headers and trailing headers separately.
+                                _connection._allowedReadLineBytes = _connection.MaxResponseHeadersLength;
                                 goto case ParsingState.ConsumeTrailers;
                             }
 
@@ -301,7 +302,6 @@ namespace System.Net.Http
 
                             while (true)
                             {
-                                _connection._allowedReadLineBytes = MaxTrailingHeaderLength;
                                 if (!_connection.TryReadNextLine(out currentLine))
                                 {
                                     break;
diff --git a/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HttpConnection.cs b/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HttpConnection.cs
index 6374d98241..d017af9c7e 100644
--- a/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HttpConnection.cs
+++ b/src/System.Net.Http/src/System/Net/Http/SocketsHttpHandler/HttpConnection.cs
@@ -262,6 +262,8 @@ namespace System.Net.Http
 
         public HttpConnectionKind Kind => _pool.Kind;
 
+        private int MaxResponseHeadersLength => (int)Math.Min(int.MaxValue, _pool.Settings._maxResponseHeadersLength * 1024L);
+
         private int ReadBufferSize => _readBuffer.Length;
 
         private ReadOnlyMemory<byte> RemainingBuffer => new ReadOnlyMemory<byte>(_readBuffer, _readOffset, _readLength - _readOffset);
@@ -535,7 +537,7 @@ namespace System.Net.Http
                 }
 
                 // Start to read response.
-                _allowedReadLineBytes = (int)Math.Min(int.MaxValue, _pool.Settings._maxResponseHeadersLength * 1024L);
+                _allowedReadLineBytes = MaxResponseHeadersLength;
 
                 // We should not have any buffered data here; if there was, it should have been treated as an error
                 // by the previous request handling.  (Note we do not support HTTP pipelining.)