From e7795cbe09b61dd495853fd5fb92d8d9c2df07d0 Mon Sep 17 00:00:00 2001 From: qiuwei68 Date: Sun, 8 Oct 2023 15:10:15 +0800 Subject: [PATCH] HBASE-28138 Slow HTTP Denial of Service Attack of HBase Master web UI --- .../main/java/org/apache/hadoop/hbase/http/HttpServer.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java b/hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java index 9f4ce64a88..0e6837f2e8 100644 --- a/hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java +++ b/hbase-http/src/main/java/org/apache/hadoop/hbase/http/HttpServer.java @@ -115,6 +115,11 @@ public class HttpServer implements FilterContainer { // limitation otherwise the UTs will fail private static final int DEFAULT_MAX_HEADER_SIZE = Character.MAX_VALUE - 1; + //Add configuration for jetty idle timeout + private static final String HTTP_JETTY_IDLE_TIMEOUT = "hbase.master.ui.connection.idleTimeout"; + //Default jetty idle timeout + private static final long DEFAULT_HTTP_JETTY_IDLE_TIMEOUT = 30000; + static final String FILTER_INITIALIZERS_PROPERTY = "hbase.http.filter.initializers"; static final String HTTP_MAX_THREADS = "hbase.http.max.threads"; @@ -467,6 +472,8 @@ public class HttpServer implements FilterContainer { // default settings for connector listener.setAcceptQueueSize(128); + // config idle timeout for jetty + listener.setIdleTimeout(conf.getLong(HTTP_JETTY_IDLE_TIMEOUT,DEFAULT_HTTP_JETTY_IDLE_TIMEOUT)); if (Shell.WINDOWS) { // result of setting the SO_REUSEADDR flag is different on Windows // http://msdn.microsoft.com/en-us/library/ms740621(v=vs.85).aspx -- 2.41.0.windows.1