gRPC metadata is a useful mechanism for implementing authentication, tracing, and application-specific features. It is important that applications configure a limit on received metadata size, since metadata is not flow-controlled and large amounts can severely degrade performance. But configuring metadata limits can be tricky - what if the client accidentally starts sending too much metadata? Or worse, what if some proxy between client and server configures a lower metadata limit than the server? This talk will explore these questions and more, including how applications can learn to protect against such issues in the future.
Please note that this talk will focus on the C++ stack.
Thursday July 17, 2025 2:05pm - 2:25pm PDT Red Willow
