Server feature-flagsDetails » History » Revision 17
Revision 16 (gstrauss, 2023-09-13 04:12) → Revision 17/22 (gstrauss, 2024-02-04 21:45)
h1. server.feature-flags option h2. Description server-wide feature control for selected features (since 1.4.56) @server.feature-flags = ( "..." => "..." )@ Example: @server.feature-flags = ( "server.h2proto" => "enable", "server.h2c" => "enable" )@ h2. Options table{margin-left: 2em}. |_.option |_. description |_. notes | | @"server.h2proto" => "enable"@ | HTTP/2 support (default: enable (since 1.4.59)) | (since 1.4.56) | | @"server.h2c" => "enable"@ | HTTP/2 cleartext support (@Upgrade: h2c@) (default: enable (since 1.4.59)) (requires @"server.h2proto" => "enable"@ to enable) | (since 1.4.56) | | @"server.graceful-shutdown-timeout" => 8@ | max num of secs to wait for existing requests to complete during graceful restart (default: 8 (since 1.4.64)) (slow requests are aborted after timeout to allow graceful restart to proceed) | (since 1.4.56) | | @"server.graceful-restart-bg" => "enable"@ | immediate graceful restart while existing requests complete in background process (default: disable) Note: feature works with many lighttpd.conf configurations, but not available in all configurations (e.g. available with independent backends; not available if lighttpd runs backend processes with @"bin-path"@ Use with @server.systemd-socket-activation = "enable"@ (needed before 1.4.68) Fix for #3164 is in lighttpd 1.4.66; using latest lighttpd release is recommended | (since 1.4.56) | | @"server.clock-jump-restart" => 1800@ | trigger graceful restart if clock jumps more than defined threshold (default: 1800 (30 min)) (if triggered, @"server.graceful-shutdown-timeout"@ forced to 5 sec) | (since 1.4.60) | | @"server.errorlog-high-precision" => "disable"@ | high-resolution timestamps in errorlog trace (default: disable) | (since 1.4.60) | | @"server.metrics-high-precision" => "disable"@ | high-resolution timestamps in metrics collection (default: disable) | (since 1.4.65) | behavior change; compatibility flags table{margin-left: 2em}. | @"server.h2-discard-backend-1xx" => "disable"@ | discard 1xx responses from backend (other than 101) when client is HTTP/2 (default: disable) default: relay 1xx from backend when client is HTTP/2, e.g. 103 Early Hints | (since 1.4.56) | | @"server.h1-discard-backend-1xx" => "disable"@ | discard 1xx responses from backend (other than 101) when client is HTTP/1.x (default: disable) default: relay 1xx from backend when client is HTTP/1.1, e.g. 103 Early Hints | (since 1.4.56) | | @"server.absolute-dir-redirect" => "disable"@ | use fully qualified URI in automatic redirect to directory (default: disable) default: use relative url-path (better abstraction) in automatic redirect to directory | (since 1.4.56) | | @"proxy.force-http10" => "disable"@ | force proxy requests to backend to use HTTP/1.0 (default: disable) default: send requests to backend using HTTP/1.1 | (since 1.4.56) | | @"ssl.session-cache" => "disable"@ | server-side TLS session id cache (default: disable) default: use TLS session tickets (stateless on server-side) | (since 1.4.56) | | @"cgi.tempfile-accum" => "enable"@ | accumulate request body in single temporary file if not streaming request body to backend (default: enable) default: temporary file is passed as CGI stdin when request body > 64k (can be disabled if backend immediately reads request body into another temporary file, doubling disk space use on a filesystem with limited size) | (since 1.4.60) | | @"chunkqueue.splice" => "enable"@ | @splice()@ data into temporary files (Linux) (default: enable) | (since 1.4.60) | | @"http10.range" => "disable"@ | allow Range requests sent with HTTP/1.0 (default: disable) Range request header is part of the HTTP/1.1 specification and might be mishandled by HTTP/1.0 proxies | (since 1.4.65) | | @"auth.delay-invalid-creds" => "enable"@ | delay response up to 1 sec for HTTP authentication invalid credentials (default: enable) | (since 1.4.65) | | @"auth.http-goaway-invalid-creds => "enable"@ | send GOAWAY after HTTP authentication invalid credentials (default: enable) (mitigation should be disabled if _different_ clients are multiplexed on same h2 connection) | (since 1.4.72) | | @"server.http-pathinfo" => "enable"@ | allow PATH_INFO in request url-path (default: enable) | (since 1.4.72) | | @"gw.upgrade-with-request-body" => "disable"@ | allow HTTP/1.1 Upgrade requests with non-zero request body (default: disable) | (since 1.4.74) |