fix(naming, docs): change http/2 config option name

.changesets/fix_http2_header_size_config_name.md

@@ -0,0 +1,6 @@
+### Fix HTTP/2 header size limit config option name ([PR #8730](https://github.com/apollographql/router/pull/8730))
+
+The configuration option for HTTP/2 header size limits has been renamed from `http2_max_headers_list_bytes` to `http2_max_headers_list_size` for consistency with naming conventions.
+
+
+By [@aaronArinder](https://github.com/aaronArinder) in https://github.com/apollographql/router/pull/8730

apollo-router/src/axum_factory/listeners.rs

@@ -317,7 +317,7 @@ pub(super) fn serve_router_on_listen_addr(
 ) -> (impl Future<Output = Listener>, oneshot::Sender<()>) {
     let opt_max_http1_headers = configuration.limits.http1_max_request_headers;
     let opt_max_http1_buf_size = configuration.limits.http1_max_request_buf_size;
-    let opt_max_http2_headers_list_bytes = configuration.limits.http2_max_headers_list_bytes;
+    let opt_max_http2_headers_list_bytes = configuration.limits.http2_max_headers_list_size;
     let connection_shutdown_timeout = configuration.supergraph.connection_shutdown_timeout;
     let header_read_timeout = configuration.server.http.header_read_timeout;
 

apollo-router/src/plugins/limits/mod.rs

@@ -120,7 +120,7 @@ pub(crate) struct Config {
     /// If router receives more headers than allowed size of the header list, it responds to the client with
     /// "431 Request Header Fields Too Large".
     #[schemars(with = "Option<String>", default)]
-    pub(crate) http2_max_headers_list_bytes: Option<ByteSize>,
+    pub(crate) http2_max_headers_list_size: Option<ByteSize>,
 
     /// Limit the depth of nested list fields in introspection queries
     /// to protect avoid generating huge responses. Returns a GraphQL
@@ -142,7 +142,7 @@ impl Default for Config {
             http_max_request_bytes: 2_000_000,
             http1_max_request_headers: None,
             http1_max_request_buf_size: None,
-            http2_max_headers_list_bytes: None,
+            http2_max_headers_list_size: None,
             parser_max_tokens: 15_000,
 
             // This is `apollo-parser`’s default, which protects against stack overflow

apollo-router/tests/integration/fixtures/tcp.header_limited.router.yml

@@ -4,4 +4,4 @@ supergraph:
 limits:
   http1_max_request_headers: 100
   http1_max_request_buf_size: "16000"
-  http2_max_headers_list_bytes: "20Mib"
+  http2_max_headers_list_size: "20Mib"

apollo-router/tests/integration/fixtures/tls.header_limited.router.yml

@@ -4,7 +4,7 @@ supergraph:
 limits:
   http1_max_request_headers: 100
   http1_max_request_buf_size: "16000"
-  http2_max_headers_list_bytes: "20Mib"
+  http2_max_headers_list_size: "20Mib"
 
 tls:
   supergraph:

apollo-router/tests/integration/fixtures/unix.header_limited.router.yml

@@ -4,4 +4,4 @@ supergraph:
 limits:
   http1_max_request_headers: 100
   http1_max_request_buf_size: "16000"
-  http2_max_headers_list_bytes: "20Mib"
+  http2_max_headers_list_size: "20Mib"

docs/shared/config/limits.mdx

@@ -4,6 +4,7 @@
 limits:
   http1_max_request_buf_size: null
   http1_max_request_headers: null
+  http2_max_headers_list_size: null
   http_max_request_bytes: 2000000
   introspection_max_depth: true
   max_aliases: null

docs/shared/router-config-properties-table.mdx

@@ -449,6 +449,7 @@ Configuration for operation limits, parser limits, HTTP limits, etc.
 limits:
   http1_max_request_buf_size: null
   http1_max_request_headers: null
+  http2_max_headers_list_size: null
   http_max_request_bytes: 2000000
   introspection_max_depth: true
   max_aliases: null

docs/shared/router-yaml-complete.mdx

@@ -230,6 +230,7 @@ license_enforcement: {}
 limits:
   http1_max_request_buf_size: null
   http1_max_request_headers: null
+  http2_max_headers_list_size: null
   http_max_request_bytes: 2000000
   introspection_max_depth: true
   max_aliases: null

docs/source/routing/security/request-limits.mdx

@@ -17,6 +17,7 @@
   http_max_request_bytes: 2000000 # Default value: 2 MB
   http1_max_request_headers: 200 # Default value: 100
   http1_max_request_buf_size: 800kb # Default value: 400kib
+  http2_max_headers_list_size: 32kb # Default value: 16kb, but is subject to change
 
   # Parser-based limits
   parser_max_tokens: 15000 # Default value
@@ -291,6 +292,12 @@
 
 Limit the maximum buffer size for the HTTP1 connection. Default is ~400kib.
 
+### `http2_max_headers_list_size`
+
+Limit the maximum size of the HTTP/2 header list. Default is 16KiB, but is subject to change.
+
+If the router receives a request with HTTP/2 headers whose total size exceeds the configured limit, it responds to the client with `431 Request Header Fields Too Large`.
+
 ## Parser-based limits
 
 ### `parser_max_tokens`