0977de3e17
fasthttp defaults to a 4 KB read buffer per connection. Any request whose header line exceeds that returns a flat HTTP 431 from Fiber before the request reaches a handler — affecting clients carrying chunked NextAuth cookies, mTLS client-cert headers, or large bearer tokens. 16 KB matches the cluster ingress-nginx large_client_header_buffers allowance. Tested 4–8 KB header payloads through shell-api.gosec.internal — all return normal app responses instead of 431. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
3.5 KiB
3.5 KiB