http: disable headersTimeout check when set to zero

PR-URL: #33307
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>

Author: ShogunPanda

doc/api/http.md

@@ -943,7 +943,7 @@ added: v0.1.90
 
 Stops the server from accepting new connections. See [`net.Server.close()`][].
 
-### server.listen()
+### `server.listen()`
 
 Starts the HTTP server listening for connections.
 This method is identical to [`server.listen()`][] from [`net.Server`][].
@@ -984,6 +984,8 @@ event is emitted on the server object, and (by default) the socket is destroyed.
 See [server.timeout][] for more information on how timeout behaviour can be
 customised.
 
+A value of `0` will disable the HTTP headers timeout check.
+
 ### server.setTimeout([msecs][, callback])
 <!-- YAML
 added: v0.9.12

lib/_http_server.js

@@ -501,8 +501,12 @@ function onParserExecute(server, socket, parser, state, ret) {
 
   // If we have not parsed the headers, destroy the socket
   // after server.headersTimeout to protect from DoS attacks.
-  // start === 0 means that we have parsed headers.
-  if (start !== 0 && nowDate() - start > server.headersTimeout) {
+  // start === 0 means that we have parsed headers, while
+  // server.headersTimeout === 0 means user disabled this check.
+  if (
+    start !== 0 && server.headersTimeout &&
+    nowDate() - start > server.headersTimeout
+  ) {
     const serverTimeout = server.emit('timeout', socket);
 
     if (!serverTimeout)

test/parallel/test-http-server-disabled-headers-timeout.js

@@ -0,0 +1,49 @@
+'use strict';
+
+const common = require('../common');
+const assert = require('assert');
+const { createServer } = require('http');
+const { connect } = require('net');
+
+// This test verifies that it is possible to disable
+// headersTimeout by setting it to zero.
+
+const server = createServer(common.mustCall((req, res) => {
+  res.writeHead(200);
+  res.end('OK');
+}));
+
+server.headersTimeout = 0;
+
+server.once('timeout', common.mustNotCall((socket) => {
+  socket.destroy();
+}));
+
+server.listen(0, common.mustCall(() => {
+  const client = connect(server.address().port);
+  let response = '';
+
+  client.resume();
+  client.write('GET / HTTP/1.1\r\nConnection: close\r\n');
+
+  // All the timeouts below must be greater than a second, otherwise
+  // headersTimeout won't be triggered anyway as the current date is cached
+  // for a second in HTTP internals.
+  setTimeout(() => {
+    client.write('X-Crash: Ab: 456\r\n');
+  }, common.platformTimeout(1100)).unref();
+
+  setTimeout(() => {
+    client.write('\r\n');
+  }, common.platformTimeout(1200)).unref();
+
+  client.on('data', (chunk) => {
+    response += chunk.toString('utf-8');
+  });
+
+  client.on('end', common.mustCall(() => {
+    assert.strictEqual(response.split('\r\n').shift(), 'HTTP/1.1 200 OK');
+    client.end();
+    server.close();
+  }));
+}));