gRPC-Java Netty server handling of CONTINUATION frames

64 views

Skip to first unread message

jamesne...@gmail.com

unread,

Apr 11, 2024, 4:56:04 PM4/11/24

to grpc.io

Hi,

Given the recent news around vulnerabilities in the handling of of HTTP/2 CONTINUATION frames:

https://www.linkedin.com/pulse/understanding-continuation-flood-new-http2-protocol-baek--qmcwc

I was wondering whether the gRPC-Java Netty based server could be affected? If so, is there any way to mitigate the problem?

James

Eric Anderson

unread,

Apr 11, 2024, 5:56:24 PM4/11/24

to jamesne...@gmail.com, grpc.io

Netty (and by extension gRPC Netty) is not affected.

--
You received this message because you are subscribed to the Google Groups "grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/28994aea-a4cb-40ef-bf1a-2b7376541658n%40googlegroups.com.

Reply all

Reply to author

Forward

0 new messages