Add option for setting max query params

Relates to: quarkusio/quarkus#47431

Author: geoand

vertx-core/src/main/generated/io/vertx/core/http/HttpServerOptionsConverter.java

@@ -87,6 +87,11 @@ static void fromJson(Iterable<java.util.Map.Entry<String, Object>> json, HttpSer
             obj.setMaxFormBufferedBytes(((Number)member.getValue()).intValue());
           }
           break;
+        case "maxQueryParams":
+          if (member.getValue() instanceof Number) {
+            obj.setMaxQueryParams(((Number)member.getValue()).intValue());
+          }
+          break;
         case "initialSettings":
           if (member.getValue() instanceof JsonObject) {
             obj.setInitialSettings(new io.vertx.core.http.Http2Settings((io.vertx.core.json.JsonObject)member.getValue()));
@@ -214,6 +219,7 @@ static void toJson(HttpServerOptions obj, java.util.Map<String, Object> json) {
     json.put("maxFormAttributeSize", obj.getMaxFormAttributeSize());
     json.put("maxFormFields", obj.getMaxFormFields());
     json.put("maxFormBufferedBytes", obj.getMaxFormBufferedBytes());
+    json.put("maxQueryParams", obj.getMaxQueryParams());
     if (obj.getInitialSettings() != null) {
       json.put("initialSettings", obj.getInitialSettings().toJson());
     }

vertx-core/src/main/java/io/vertx/core/http/HttpServerConfig.java

@@ -62,6 +62,7 @@ private static TcpServerConfig defaultTcpServerConfig() {
   private int maxFormAttributeSize;
   private int maxFormFields;
   private int maxFormBufferedBytes;
+  private int maxQueryParams;
   private boolean handle100ContinueAutomatically;
   private ServerSSLOptions sslOptions;
   private boolean strictThreadMode;
@@ -91,6 +92,7 @@ public HttpServerConfig(HttpServerOptions options) {
     this.maxFormAttributeSize = options.getMaxFormAttributeSize();
     this.maxFormFields = options.getMaxFormFields();
     this.maxFormBufferedBytes = options.getMaxFormBufferedBytes();
+    this.maxQueryParams = options.getMaxQueryParams();
     this.handle100ContinueAutomatically = options.isHandle100ContinueAutomatically();
     this.sslOptions = options.getSslOptions() != null ? new ServerSSLOptions(options.getSslOptions()) : null;
     this.strictThreadMode = options.getStrictThreadMode();
@@ -369,6 +371,13 @@ public int getMaxFormFields() {
     return maxFormFields;
   }
 
+  /**
+   * @return Returns the maximum number of query params
+   */
+  public int getMaxQueryParams() {
+    return maxQueryParams;
+  }
+
   /**
    * Set the maximum number of fields of a form. Set to {@code -1} to allow unlimited number of attributes
    *

vertx-core/src/main/java/io/vertx/core/http/HttpServerOptions.java

@@ -101,6 +101,11 @@ public class HttpServerOptions extends NetServerOptions {
    */
   public static final int DEFAULT_MAX_FORM_BUFFERED_SIZE = 1024;
 
+  /**
+   * Default max number of query params = 1024
+   */
+  public static final int DEFAULT_MAX_QUERY_PARAMS = 1024;
+
   /**
    * Default value of whether 100-Continue should be handled automatically = {@code false}
    */
@@ -209,6 +214,7 @@ public class HttpServerOptions extends NetServerOptions {
   private int maxFormAttributeSize;
   private int maxFormFields;
   private int maxFormBufferedBytes;
+  private int maxQueryParams;
   private Http1ServerConfig http1Config;
   private Http2ServerConfig http2Config;
   private WebSocketServerConfig webSocketConfig;
@@ -239,6 +245,7 @@ public HttpServerOptions(HttpServerOptions other) {
     this.maxFormAttributeSize = other.getMaxFormAttributeSize();
     this.maxFormFields = other.getMaxFormFields();
     this.maxFormBufferedBytes = other.getMaxFormBufferedBytes();
+    this.maxQueryParams = other.getMaxQueryParams();
     this.compressionLevel = other.getCompressionLevel();
     this.compression = other.compression != null ? new HttpCompressionConfig(other.compression) : new HttpCompressionConfig();
     this.handle100ContinueAutomatically = other.handle100ContinueAutomatically;
@@ -278,6 +285,7 @@ private void init() {
     maxFormAttributeSize = DEFAULT_MAX_FORM_ATTRIBUTE_SIZE;
     maxFormFields = DEFAULT_MAX_FORM_FIELDS;
     maxFormBufferedBytes = DEFAULT_MAX_FORM_BUFFERED_SIZE;
+    maxQueryParams = DEFAULT_MAX_QUERY_PARAMS;
     strictThreadMode = DEFAULT_STRICT_THREAD_MODE_STRICT;
     compression = new HttpCompressionConfig();
     handle100ContinueAutomatically = DEFAULT_HANDLE_100_CONTINE_AUTOMATICALLY;
@@ -845,6 +853,24 @@ public HttpServerOptions setMaxFormBufferedBytes(int maxFormBufferedBytes) {
     return this;
   }
 
+  /**
+   * @return Returns the maximum number of query params
+   */
+  public int getMaxQueryParams() {
+    return maxQueryParams;
+  }
+
+  /**
+   * Set the maximum number of query params
+   *
+   * @param maxQueryParams the new maximum
+   * @return a reference to this, so the API can be used fluently
+   */
+  public HttpServerOptions setMaxQueryParams(int maxQueryParams) {
+    this.maxQueryParams = maxQueryParams;
+    return this;
+  }
+
   /**
    * @return the initial HTTP/2 connection settings
    */

vertx-core/src/main/java/io/vertx/core/http/impl/HttpServerRequestImpl.java

@@ -52,6 +52,7 @@ public class HttpServerRequestImpl extends HttpServerRequestInternal {
   private final int maxFormAttributeSize;
   private final int maxFormFields;
   private final int maxFormBufferedBytes;
+  private final int maxQueryParams;
   private final Handler<HttpServerRequest> handler;
 
   // Accessed on context thread
@@ -79,6 +80,7 @@ public HttpServerRequestImpl(Handler<HttpServerRequest> handler,
                                int maxFormAttributeSize,
                                int maxFormFields,
                                int maxFormBufferedBytes,
+                               int maxQueryParams,
                                String serverOrigin) {
     this.handler = handler;
     this.context = context;
@@ -89,6 +91,7 @@ public HttpServerRequestImpl(Handler<HttpServerRequest> handler,
     this.handle100ContinueAutomatically = handle100ContinueAutomatically;
     this.maxFormAttributeSize = maxFormAttributeSize;
     this.maxFormFields = maxFormFields;
+    this.maxQueryParams = maxQueryParams;
     this.maxFormBufferedBytes = maxFormBufferedBytes;
   }
 
@@ -397,7 +400,7 @@ public String getParamsCharset() {
   public MultiMap params(boolean semicolonIsNormalChar) {
     synchronized (connection) {
       if (params == null || semicolonIsNormalChar != semicolonIsNormalCharInParams) {
-        params = HttpUtils.params(uri(), paramsCharset, semicolonIsNormalChar);
+        params = HttpUtils.params(uri(), paramsCharset, maxQueryParams, semicolonIsNormalChar);
         semicolonIsNormalCharInParams = semicolonIsNormalChar;
       }
       return params;

vertx-core/src/main/java/io/vertx/core/http/impl/HttpUtils.java

@@ -344,7 +344,11 @@ public static String absoluteURI(String serverOrigin, HttpServerRequest req) {
   }
 
   public static MultiMap params(String uri, Charset charset, boolean semicolonIsNormalChar) {
-    QueryStringDecoder queryStringDecoder = new QueryStringDecoder(uri, charset, true, 1024, semicolonIsNormalChar);
+    return params(uri, charset, 1024, semicolonIsNormalChar);
+  }
+
+  public static MultiMap params(String uri, Charset charset, int maxParams, boolean semicolonIsNormalChar) {
+    QueryStringDecoder queryStringDecoder = new QueryStringDecoder(uri, charset, true, maxParams, semicolonIsNormalChar);
     Map<String, List<String>> prms = queryStringDecoder.parameters();
     MultiMap params = MultiMap.caseInsensitiveMultiMap();
     if (!prms.isEmpty()) {

vertx-core/src/main/java/io/vertx/core/http/impl/http1/Http1ServerConnection.java

@@ -77,6 +77,7 @@ public class Http1ServerConnection extends Http1Connection implements HttpServer
   private final boolean eagerCreateRequestQueue;
   private final int maxFormAttributeSize;
   private final int maxFormFields;
+  private final int maxQueryParams;
   private final int maxFormBufferedBytes;
   private final Http1ServerConfig serverConfig;
   private final boolean registerWebSocketWriteHandlers;
@@ -102,6 +103,7 @@ public Http1ServerConnection(ThreadingModel threadingModel,
                                SslContextManager sslContextManager,
                                int maxFormAttributeSize,
                                int maxFormFields,
+                               int maxQueryParams,
                                int maxFormBufferedBytes,
                                Http1ServerConfig serverConfig,
                                boolean registerWebSocketWriteHandlers,
@@ -116,6 +118,7 @@ public Http1ServerConnection(ThreadingModel threadingModel,
     this.streamContextSupplier = streamContextSupplier;
     this.maxFormAttributeSize = maxFormAttributeSize;
     this.maxFormFields = maxFormFields;
+    this.maxQueryParams = maxQueryParams;
     this.maxFormBufferedBytes = maxFormBufferedBytes;
     this.serverConfig = serverConfig;
     this.registerWebSocketWriteHandlers = registerWebSocketWriteHandlers;
@@ -138,6 +141,10 @@ int maxFormFields() {
     return maxFormFields;
   }
 
+  int maxQueryParams() {
+    return maxQueryParams;
+  }
+
   int maxFormBufferedBytes() {
     return maxFormBufferedBytes;
   }

vertx-core/src/main/java/io/vertx/core/http/impl/http1/Http1ServerRequest.java

@@ -337,7 +337,7 @@ public String getParamsCharset() {
   @Override
   public MultiMap params(boolean semicolonIsNormalChar) {
     if (params == null || semicolonIsNormalChar != semicolonIsNormalCharInParams) {
-      params = HttpUtils.params(uri(), paramsCharset, semicolonIsNormalChar);
+      params = HttpUtils.params(uri(), paramsCharset, this.conn.maxQueryParams(), semicolonIsNormalChar);
       semicolonIsNormalCharInParams = semicolonIsNormalChar;
     }
     return params;

vertx-core/src/main/java/io/vertx/core/http/impl/quic/QuicHttpServer.java

@@ -136,6 +136,7 @@ private static class ConnectionHandler implements Handler<QuicConnection> {
     private final boolean handle100ContinueAutomatically;
     private final int maxFormAttributeSize;
     private final int maxFormFields;
+    private final int maxQueryParams;
     private final int maxFormBufferedSize;
     private final Http3Settings localSettings;
 
@@ -145,6 +146,7 @@ public ConnectionHandler(io.vertx.core.net.QuicServer transport,
                              boolean handle100ContinueAutomatically,
                              int maxFormAttributeSize,
                              int maxFormFields,
+                             int maxQueryParams,
                              int maxFormBufferedSize,
                              Http3Settings localSettings) {
       this.transport = transport;
@@ -153,6 +155,7 @@ public ConnectionHandler(io.vertx.core.net.QuicServer transport,
       this.handle100ContinueAutomatically = handle100ContinueAutomatically;
       this.maxFormAttributeSize = maxFormAttributeSize;
       this.maxFormFields = maxFormFields;
+      this.maxQueryParams = maxQueryParams;
       this.maxFormBufferedSize = maxFormBufferedSize;
       this.localSettings = localSettings;
     }
@@ -174,7 +177,7 @@ public void handle(QuicConnection connection) {
       http3Connection.streamHandler(stream -> {
         HttpServerRequestImpl request = new HttpServerRequestImpl(requestHandler, stream, stream.context(),
           handle100ContinueAutomatically, maxFormAttributeSize,
-          maxFormFields, maxFormBufferedSize, serverOrigin);
+          maxFormFields, maxQueryParams, maxFormBufferedSize, serverOrigin);
         request.init();
       });
 
@@ -218,7 +221,7 @@ public Future<HttpServer> listen(SocketAddress address) {
     }
 
     quicServer.handler(new ConnectionHandler(quicServer, requestHandler, connectionHandler,
-      config.isHandle100ContinueAutomatically(), config.getMaxFormAttributeSize(), config.getMaxFormFields(),
+      config.isHandle100ContinueAutomatically(), config.getMaxFormAttributeSize(), config.getMaxFormFields(), config.getMaxQueryParams(),
       config.getMaxFormBufferedBytes(), http3Config.getInitialSettings() != null ? http3Config.getInitialSettings().copy() : new Http3Settings()));
     return quicServer
       .bind(address)

vertx-core/src/main/java/io/vertx/core/http/impl/tcp/HttpServerConnectionHandler.java

@@ -101,7 +101,7 @@ public void handle(HttpServerConnection conn) {
         HttpServerConfig config = server.config;
         HttpServerRequestImpl request = new HttpServerRequestImpl(requestHandler, stream, stream.context(),
           config.isHandle100ContinueAutomatically(), config.getMaxFormAttributeSize(), config.getMaxFormFields(),
-          config.getMaxFormBufferedBytes(), serverOrigin);
+          config.getMaxFormBufferedBytes(), config.getMaxQueryParams(), serverOrigin);
         request.init();
       });
     }

vertx-core/src/main/java/io/vertx/core/http/impl/tcp/HttpServerConnectionInitializer.java

@@ -64,6 +64,7 @@ public class HttpServerConnectionInitializer {
   private final boolean handle100ContinueAutomatically;
   private final int maxFormAttributeSize;
   private final int maxFormFields;
+  private final int maxQueryParams;
   private final int maxFormBufferedBytes;
   private final Http1ServerConfig http1Config;
   private final Http2ServerConfig http2Config;
@@ -89,6 +90,7 @@ public HttpServerConnectionInitializer(ContextInternal context,
                                   boolean handle100ContinueAutomatically,
                                   int maxFormAttributeSize,
                                   int maxFormFields,
+                                  int maxQueryParams,
                                   int maxFormBufferedBytes,
                                   Http1ServerConfig http1Config,
                                   Http2ServerConfig http2Config,
@@ -147,6 +149,7 @@ public HttpServerConnectionInitializer(ContextInternal context,
     this.handle100ContinueAutomatically = handle100ContinueAutomatically;
     this.maxFormAttributeSize = maxFormAttributeSize;
     this.maxFormFields = maxFormFields;
+    this.maxQueryParams = maxQueryParams;
     this.maxFormBufferedBytes = maxFormBufferedBytes;
     this.http1Config = http1Config;
     this.http2Config = http2Config;
@@ -289,6 +292,7 @@ public void configureHttp1Handler(ChannelPipeline pipeline, SslContextManager ss
         sslContextManager,
         maxFormAttributeSize,
         maxFormFields,
+        maxQueryParams,
         maxFormBufferedBytes,
         http1Config,
         registerWebSocketWriteHandlers,