HTTP Endpoint (httpEndpoint)

HTTP Endpoint (httpEndpoint)

Configuration properties for an HTTP endpoint.

Name Type Default Description

accessLoggingRef Top level httpAccessLogging element (string). HTTP access logging configuration for the endpoint.

compressionRef Top level compression element (string). defaultCompression Compression options for the endpoint.

enabled boolean true Toggle the availability of an endpoint. When true, this endpoint will be activated by the dispatcher to handle HTTP requests.

headersRef Top level headers element (string). defaultHeaders Header options for the endpoint.

host string localhost IP address, domain name server (DNS) host name with domain name suffix, or just the DNS host name, used by a client to request a resource. Use '*' for all available network interfaces.
<defaultHttpEndpoint id="httpEndpoint" host="*"

httpOptionsRef Top level httpOptions element (string). defaultHttpOptions HTTP protocol options for the endpoint.

httpPort int
Min: -1
Max: 65535 The port used for client HTTP requests. Use -1 to disable this port.

httpsPort int
Min: -1
Max: 65535 The port used for client HTTP requests secured with SSL (https). Use -1 to disable this port.

id string A unique configuration ID.

onError

FAIL
IGNORE
WARN

WARN Action to take after a failure to start an endpoint.
FAIL
Server will issue a warning or error message on the first error occurrence and then stop the server.
IGNORE
Server will not issue any warning and error messages when it incurs a configuration error.
WARN
Server will issue warning and error messages when it incurs a configuration error.

protocolVersion string When Servlet 4.0 API is enabled as a feature, set this attribute to http/1.1 to disable HTTP/2 processing for the ports that were defined for the httpEndpoint element. When Servlet 3.1 API is enabled as a feature, set this attribute to http/2 to enable HTTP/2 processing for the ports defined for the httpEndpoint element.

remoteIpRef Top level remoteIp element (string). defaultRemoteIp Remote IP options for the endpoint.

samesiteRef Top level samesite element (string). defaultSameSite SameSite options for the endpoint.

sslOptionsRef Top level sslOptions element (string). SSL protocol options for the endpoint.

tcpOptionsRef Top level tcpOptions element (string). defaultTCPOptions TCP protocol options for the endpoint.

accessLogging
HTTP access logging configuration for the endpoint.

Name Type Default Description

enabled boolean true Enables access logging when the accessLogging configuration element is defined.
Note: Access logging must be configured for this attribute to take effect.

filePath Path to a file ${server.output.dir}/logs/http_access.log Directory path and name of the access log file. Standard variable substitutions, such as ${server.output.dir}, can be used when specifying the directory path.

logFormat string %h %u %{t}W "%r" %s %b Specifies the log format used when logging client access information.

maxFileSize int
Min: 0 20 Maximum size of a log file, in megabytes, before being rolled over; a value of 0 means no limit.

maxFiles int
Min: 0 2 Maximum number of log files that will be kept, before the oldest file is removed; a value of 0 means no limit.

rolloverInterval A period of time with minute precision -1 The time interval in between log rollovers, in minutes if a unit of time is not specified. Specify a positive integer followed by a unit of time, which can be days (d), hours (h), or minutes (m). For example, specify 5 hours as 5h. We can include multiple values in a single entry. For example, 1d5h is equivalent to 1 day and 5 hours. If rolloverStartTime is specified, the default value of rolloverInterval is 1 day. If both rolloverInterval and rolloverStartTime are unspecified, time based log rollover is disabled. Specify a positive integer followed by a unit of time, which can be hours (h) or minutes (m). For example, specify 30 minutes as 30m. We can include multiple values in a single entry. For example, 1h30m is equivalent to 90 minutes.

rolloverStartTime string The scheduled time of day for logs to first roll over. The rollover interval duration begins at rollover start time. Valid values follow a 24-hour ISO-8601 datetime format of HH:MM, where 00:00 represents midnight. Padding zeros are required. If rolloverInterval is specified, the default value of rolloverStartTime is 00:00, midnight. If both rolloverInterval and rolloverStartTime are unspecified, time based log rollover is disabled.

compression
Compression options for the endpoint.

Name Type Default Description

serverPreferredAlgorithm string none The configured compression algorithm is used to compress the body of responses when it is specified with a non-zero quality value in the request's Accept-Encoding header. The valid compression algorithms include: deflate, gzip, x-gzip, zlib, and identity.

types string
This is specified as a child element rather than as an XML attribute (maximum occurrences 5000). text/* To include a content type in addition to the default values, affix the add (+) character as a prefix to that content type. To exclude a content type from compression, affix the remove (-) character as a prefix to that content type.
Note that the wildcard (*) character is supported only as a content subtype, such as text/*.

headers
Header options for the endpoint.

Name Type Default Description

add string Header names and values that are added to each HTTP response. Header values are optionally included using a colon (:) delimiter. Any header name defined using this child element must not be empty or present in the 'remove', 'set', or 'setIfMissing' header configurations.

remove string Header names that are removed from each HTTP response. Any header name defined using this child element must not be empty. No header values are expected. Any header name defined using this child element must not be present in the 'add', 'set', or 'setIfMissing' header configurations.

set string Header names and values that are set to each HTTP response. Header values are optionally included using a colon (:) delimiter. Any header name defined using this child element must not be empty, defined more than once, or present in the 'remove', 'add', or 'setIfEmpty' header configurations. If the header is already present on the response, existing values are overwritten in favor of this configuration.

setIfMissing string Header names and values that are set to each HTTP response if not already present. Header values are optionally included using a colon (:) delimiter. Any header name defined using this child element must not be empty, defined more than once, or present in the 'remove', 'add', or 'set' header configurations.

httpOptions
HTTP protocol options for the endpoint.

Name Type Default Description

AutoDecompression boolean true Specifies whether the HTTP Channel automatically decompresses incoming request body data.

DoNotAllowDuplicateSetCookies string false Prevents the HTTP Channel from sending multiple Set-Cookie headers with the same name.

MessageSizeLimit long -1 Limits the acceptable size of an incoming message. If a message arrives with a size larger than this value, then an error is returned to the remote client.

NoCacheCookiesControl boolean true Allows the user to control whether or not the presence of a Set-Cookie header should update the Cache-Control header with a matching no-cache value. This also adds the Expires header.

ThrowIOEForInboundConnections boolean Specifies whether the HTTP channel creates an I/O exception when an inbound connection is closed while still in use by the servlet. The default value is set according to the configured servlet feature. Prior to Servlet 4.0, the default value is false; starting with Servlet 4.0, the default value is true.

connectionWindowSize int
Min: 65535
Max: 2147483647 65535 Window size in octets for HTTP/2 connection-level flow control. This value can be configured to any size within the range of 65,535 to 2,147,483,647 octets, inclusive. If no value is specified, the default value is 65,535 octets.

decompressionRatioLimit int
Min: 1 200 Maximum ratio of decompressed to compressed request body payload. The HTTP channel reads the request body and verifies the ratio as the body decompresses. The channel stops decompression of the request body if the decompression ratio remains above the configured value and the decompressionTolerance is reached.

decompressionTolerance int
Min: 0 3 Maximum number of times the HTTP channel tolerates a decompression ratio above the configured ratio, depicted by the decompressionRatioLimit httpOption attribute. If this number reaches, and the next decompression cycle still contains a decompression ratio above the ratio limit, then the HTTP channel stops decompressing the request body.

http2ConnectionIdleTimeout A period of time with second precision 0 Amount of time, in seconds, that an HTTP/2 connection will be allowed to remain idle between socket IO operations. If not specified, or set to a value of 0, there is no connection timeout set. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

ignoreWriteAfterCommit boolean false When this attribute is set to true, the HTTP channel ignores write attempts if the message is already committed. If it is set to false, which is the default, any attempt to write after the message is committed results in a MessageSentException exception.

incomingBodyBufferSize int
Min: 1024
Max: 1048576 32768 Size of each buffer used when reading the body of an incoming HTTP message.

keepAliveEnabled boolean true Enables persistent connections (HTTP keepalive). If true, connections are kept alive for reuse by multiple sequential requests and responses. If false, connections are closed after the response is sent.

limitFieldSize int
Min: 50
Max: 2147483647 32768 Enforces the size limits on various HTTP fields, such as request URLs, or individual header names or values. Enforcing the size limits of these fields guards against possible Denial of Service attacks. An error is returned to the remote client, if a field exceeds the allowed size.

limitNumHeaders int
Min: 50
Max: 500 500 Limits the number of HTTP headers that can exist in an incoming message. When this limit is exceeded, an error is returned to the remote client.

limitWindowUpdateFrames boolean false Specifies whether the server waits until half of the HTTP/2 connection-level and stream-level windows are exhausted before it sends WINDOW_UPDATE frames. Valid values are true or false. If no value is specified, the default value is false.

maxConcurrentStreams int 100 Maximum number of streams that an HTTP/2 connection can have active at any given point. Opening streams over the limit, will result on a REFUSED_STREAM (0x7). If not specified, the default value of concurrent streams will be set to 100.

maxFrameSize int
Min: 16384
Max: 16777215 57344 Maximum allowed size of a frame payload the server will advertise in the SETTINGS_MAX_FRAME_SIZE HTTP/2 settings frame. This can be configured to any size within the range of 16,384 to 16,777,215 bytes, inclusive. If not specified, the default is set to 57,344 bytes.

maxHeaderBlockSize long
Min: 0 512000 Maximum size in bytes for the header block of individual HTTP2 streams. If this value is exceeded, the connection is closed with an error. Set this parameter to 0 to disable the check.

maxKeepAliveRequests int
Min: -1 -1 Maximum number of persistent requests allowed on a single HTTP connection if persistent connections are enabled. A value of -1 means unlimited. This option supports low latency or high throughput applications, and SSL connections for use in situations where building up a new connection can be costly.

maxResetFrames int
Min: 0 100 Maximum number of reset frames per connection allowed during the reset frame window. If this value is exceeded, the connection is closed. Set this parameter to 0 to disable the check.

maxStreamsRefused int
Min: 0 100 Maximum number of streams that are refused after the maximum concurrent streams limit is reached. If this value is exceeded, the connection is closed. Set this parameter to 0 to disable the check.

persistTimeout A period of time with second precision 30s Amount of time that a socket will be allowed to remain idle between requests. This setting only applies if persistent connections are enabled. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

readTimeout A period of time with second precision 60s Amount of time to wait for a read request to complete on a socket after the first read occurs. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

removeServerHeader boolean false Removes server implementation information from HTTP headers.

resetFramesWindow A period of time with millisecond precision 30s Window of time during which reset frames are counted on each connection. Set this parameter to 0 for unlimited time window. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

settingsInitialWindowSize int
Min: 1
Max: 2147483647 65535 Initial window size in octets for HTTP/2 stream-level flow control. This value can be configured to any size within the range of 1 to 2,147,483,647 octets, inclusive. If no value is specified, the default value is 65,535 octets.

writeTimeout A period of time with second precision 60s Amount of time to wait on a socket for each portion of the response data to be transmitted. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

remoteIp
Remote IP options for the endpoint.

Name Type Default Description

proxies string 10\.\d{1,3}\.\d{1,3}\.\d{1,3}|192\.168\.\d{1,3}\.\d{1,3}|169\.254\.\d{1,3}\.\d{1,3}|127\.\d{1,3}\.\d{1,3}\.\d{1,3}|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}|0:0:0:0:0:0:0:1|::1 A regular expression that defines trusted proxies.

useRemoteIpInAccessLog boolean false If true and the remote client information was verified by the HTTP Channel, the NCSA access log reflects the Forwarded or X-Forwarded-* headers. These headers are reflected when one or more of the following items are recorded: the remote client IP, the host, or the request protocol.

samesite
SameSite options for the endpoint.

Name Type Default Description

lax string List of cookie names or patterns for which the SameSite attribute is set to a value of Lax, if not already defined. A single wildcard (*) character is supported as a stand-alone value, or following cookie name prefixes. Any cookie name or pattern defined by this list must be unique and not present in the 'none' nor 'strict' configurations.

none string List of cookie names or patterns for which the SameSite attribute is set to a value of None, if not already defined. A single wildcard (*) character is supported as a stand-alone value, or following cookie name prefixes. Any cookie name or pattern defined by this list must be unique and not present in the 'lax' nor 'strict' configurations. Each cookie that is modified to contain a SameSite value of None as a result of this configuration is also set to Secure.

partitioned boolean false When this attribute is set to true, all SameSite=None cookies are partitioned and therefore are sent in cross-site requests. The default value is false, which means that cookies are not partitioned.

strict string List of cookie names or patterns for which the SameSite attribute is set to a value of Strict, if not already defined. A single wildcard (*) character is supported as a stand-alone value, or following cookie name prefixes. Any cookie name or pattern defined by this list must be unique and not present in the 'lax' nor 'none' configurations.

sslOptions
SSL protocol options for the endpoint.

Name Type Default Description

sessionTimeout A period of time with second precision 1d Amount of time to wait for a read or write request to complete on a socket. This value is overridden by protocol-specific timeouts. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

sslRef Top level ssl element (string). The default SSL configuration repertoire. The default value is defaultSSLConfig.

sslSessionCacheSize int 100 The maximum number of session objects that can be stored in the cache.

sslSessionTimeout A period of time with millisecond precision 86400s The timeout limit for an SSL session that is established by the SSL Channel. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

suppressHandshakeErrors boolean false Disable logging of SSL handshake errors. SSL handshake errors can occur during normal operation, however these messages can be useful when SSL is behaving unexpectedly. If disabled, the message and console logs do not record handshake errors, and the trace log records handshake errors when SSL Channel tracing is on.

tcpOptions
TCP protocol options for the endpoint.

Name Type Default Description

acceptThread boolean false If true, then listening ports do not share the same thread for accepting connections. Otherwise, they share the same thread.

addressExcludeList string A comma-separated list of addresses that are not allowed to make inbound connections on this endpoint. We can specify IPv4 or IPv6 addresses. All values in an IPv4 or IPv6 address must be represented by a number or by an asterisk wildcard character. As examples, valid IPv4 addresses for this list include "*.1.255.0", "254.*.*.9", and "1.*.*.*", and valid IPv6 addresses include "0:*:*:0:007F:0:0001:0001", "F:FF:FFF:FFFF:1:01:001:0001", and "1234:*:4321:*:9F9f:*:*:0000".

addressIncludeList string A comma-separated list of addresses allowed to make inbound connections on this endpoint. We can specify IPv4 or IPv6 addresses. All values in an IPv4 or IPv6 address must be represented by a number or by an asterisk wildcard character. As examples, valid IPv4 addresses for this list include "*.1.255.0", "254.*.*.9", and "1.*.*.*", and valid IPv6 addresses include "0:*:*:0:007F:0:0001:0001", "F:FF:FFF:FFFF:1:01:001:0001", and "1234:*:4321:*:9F9f:*:*:0000".

hostNameExcludeList string A comma-separated list of host names that are not allowed to make inbound connections on this endpoint. Host names are not case-sensitive and can start with an asterisk, which is used as a wildcard character. However, asterisks cannot be elsewhere in the host name. For example, *.abc.com is valid, but *.abc.* is not valid.

hostNameIncludeList string A comma-separated list of host names allowed to make inbound connections on this endpoint. Host names are not case-sensitive and can start with an asterisk, which is used as a wildcard character. However, asterisks cannot be elsewhere in the host name. For example, *.abc.com is valid, but *.abc.* is not valid.

inactivityTimeout A period of time with millisecond precision 60s Amount of time to wait for a read or write request to complete on a socket. This value is overridden by protocol-specific timeouts. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.

maxOpenConnections int 128000 Define the maximum number of connections allowed to be open on this endpoint.

portOpenRetries int
Min: 0
Max: 100000 0 Number of retries to open a TCP/IP port during server startup. There will be a one second delay between retries, until the opening is successful or the port open retry number is reached.

soLinger int
Min: -1
Max: 65535 -1 Set the delay before closing the socket after a close request is received while data is transmitting. Set the value between 0 and 65,536 to specify the delay period in seconds. To disable this setting, set the value to -1.

soReuseAddr boolean true Enable immediate rebind to a port with no active listener.

waitToAccept boolean false Query whether this TCP Channel will delay accepting connections until the server starts. If false, connections are closed until the server starts. If true, the value for the acceptThread tcpOption is also set to true, and connections are delayed until the server starts.

Name	Type	Default	Description
accessLoggingRef	Top level httpAccessLogging element (string).		HTTP access logging configuration for the endpoint.
compressionRef	Top level compression element (string).	defaultCompression	Compression options for the endpoint.
enabled	boolean	true	Toggle the availability of an endpoint. When true, this endpoint will be activated by the dispatcher to handle HTTP requests.
headersRef	Top level headers element (string).	defaultHeaders	Header options for the endpoint.
host	string	localhost	IP address, domain name server (DNS) host name with domain name suffix, or just the DNS host name, used by a client to request a resource. Use '' for all available network interfaces. <defaultHttpEndpoint id="httpEndpoint" host=""
httpOptionsRef	Top level httpOptions element (string).	defaultHttpOptions	HTTP protocol options for the endpoint.
httpPort	int Min: -1 Max: 65535		The port used for client HTTP requests. Use -1 to disable this port.
httpsPort	int Min: -1 Max: 65535		The port used for client HTTP requests secured with SSL (https). Use -1 to disable this port.
id	string		A unique configuration ID.
onError	FAIL IGNORE WARN	WARN	Action to take after a failure to start an endpoint. FAIL Server will issue a warning or error message on the first error occurrence and then stop the server. IGNORE Server will not issue any warning and error messages when it incurs a configuration error. WARN Server will issue warning and error messages when it incurs a configuration error.
protocolVersion	string		When Servlet 4.0 API is enabled as a feature, set this attribute to http/1.1 to disable HTTP/2 processing for the ports that were defined for the httpEndpoint element. When Servlet 3.1 API is enabled as a feature, set this attribute to http/2 to enable HTTP/2 processing for the ports defined for the httpEndpoint element.
remoteIpRef	Top level remoteIp element (string).	defaultRemoteIp	Remote IP options for the endpoint.
samesiteRef	Top level samesite element (string).	defaultSameSite	SameSite options for the endpoint.
sslOptionsRef	Top level sslOptions element (string).		SSL protocol options for the endpoint.
tcpOptionsRef	Top level tcpOptions element (string).	defaultTCPOptions	TCP protocol options for the endpoint.

Name	Type	Default	Description
serverPreferredAlgorithm	string	none	The configured compression algorithm is used to compress the body of responses when it is specified with a non-zero quality value in the request's Accept-Encoding header. The valid compression algorithms include: deflate, gzip, x-gzip, zlib, and identity.
types	string This is specified as a child element rather than as an XML attribute (maximum occurrences 5000).	text/*	To include a content type in addition to the default values, affix the add (+) character as a prefix to that content type. To exclude a content type from compression, affix the remove (-) character as a prefix to that content type. Note that the wildcard () character is supported only as a content subtype, such as text/.

Name	Type	Description
add	string	Header names and values that are added to each HTTP response. Header values are optionally included using a colon (:) delimiter. Any header name defined using this child element must not be empty or present in the 'remove', 'set', or 'setIfMissing' header configurations.
remove	string	Header names that are removed from each HTTP response. Any header name defined using this child element must not be empty. No header values are expected. Any header name defined using this child element must not be present in the 'add', 'set', or 'setIfMissing' header configurations.
set	string	Header names and values that are set to each HTTP response. Header values are optionally included using a colon (:) delimiter. Any header name defined using this child element must not be empty, defined more than once, or present in the 'remove', 'add', or 'setIfEmpty' header configurations. If the header is already present on the response, existing values are overwritten in favor of this configuration.
setIfMissing	string	Header names and values that are set to each HTTP response if not already present. Header values are optionally included using a colon (:) delimiter. Any header name defined using this child element must not be empty, defined more than once, or present in the 'remove', 'add', or 'set' header configurations.

Name	Type	Default	Description
AutoDecompression	boolean	true	Specifies whether the HTTP Channel automatically decompresses incoming request body data.
DoNotAllowDuplicateSetCookies	string	false	Prevents the HTTP Channel from sending multiple Set-Cookie headers with the same name.
MessageSizeLimit	long	-1	Limits the acceptable size of an incoming message. If a message arrives with a size larger than this value, then an error is returned to the remote client.
NoCacheCookiesControl	boolean	true	Allows the user to control whether or not the presence of a Set-Cookie header should update the Cache-Control header with a matching no-cache value. This also adds the Expires header.
ThrowIOEForInboundConnections	boolean		Specifies whether the HTTP channel creates an I/O exception when an inbound connection is closed while still in use by the servlet. The default value is set according to the configured servlet feature. Prior to Servlet 4.0, the default value is false; starting with Servlet 4.0, the default value is true.
connectionWindowSize	int Min: 65535 Max: 2147483647	65535	Window size in octets for HTTP/2 connection-level flow control. This value can be configured to any size within the range of 65,535 to 2,147,483,647 octets, inclusive. If no value is specified, the default value is 65,535 octets.
decompressionRatioLimit	int Min: 1	200	Maximum ratio of decompressed to compressed request body payload. The HTTP channel reads the request body and verifies the ratio as the body decompresses. The channel stops decompression of the request body if the decompression ratio remains above the configured value and the decompressionTolerance is reached.
decompressionTolerance	int Min: 0	3	Maximum number of times the HTTP channel tolerates a decompression ratio above the configured ratio, depicted by the decompressionRatioLimit httpOption attribute. If this number reaches, and the next decompression cycle still contains a decompression ratio above the ratio limit, then the HTTP channel stops decompressing the request body.
http2ConnectionIdleTimeout	A period of time with second precision	0	Amount of time, in seconds, that an HTTP/2 connection will be allowed to remain idle between socket IO operations. If not specified, or set to a value of 0, there is no connection timeout set. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
ignoreWriteAfterCommit	boolean	false	When this attribute is set to true, the HTTP channel ignores write attempts if the message is already committed. If it is set to false, which is the default, any attempt to write after the message is committed results in a MessageSentException exception.
incomingBodyBufferSize	int Min: 1024 Max: 1048576	32768	Size of each buffer used when reading the body of an incoming HTTP message.
keepAliveEnabled	boolean	true	Enables persistent connections (HTTP keepalive). If true, connections are kept alive for reuse by multiple sequential requests and responses. If false, connections are closed after the response is sent.
limitFieldSize	int Min: 50 Max: 2147483647	32768	Enforces the size limits on various HTTP fields, such as request URLs, or individual header names or values. Enforcing the size limits of these fields guards against possible Denial of Service attacks. An error is returned to the remote client, if a field exceeds the allowed size.
limitNumHeaders	int Min: 50 Max: 500	500	Limits the number of HTTP headers that can exist in an incoming message. When this limit is exceeded, an error is returned to the remote client.
limitWindowUpdateFrames	boolean	false	Specifies whether the server waits until half of the HTTP/2 connection-level and stream-level windows are exhausted before it sends WINDOW_UPDATE frames. Valid values are true or false. If no value is specified, the default value is false.
maxConcurrentStreams	int	100	Maximum number of streams that an HTTP/2 connection can have active at any given point. Opening streams over the limit, will result on a REFUSED_STREAM (0x7). If not specified, the default value of concurrent streams will be set to 100.
maxFrameSize	int Min: 16384 Max: 16777215	57344	Maximum allowed size of a frame payload the server will advertise in the SETTINGS_MAX_FRAME_SIZE HTTP/2 settings frame. This can be configured to any size within the range of 16,384 to 16,777,215 bytes, inclusive. If not specified, the default is set to 57,344 bytes.
maxHeaderBlockSize	long Min: 0	512000	Maximum size in bytes for the header block of individual HTTP2 streams. If this value is exceeded, the connection is closed with an error. Set this parameter to 0 to disable the check.
maxKeepAliveRequests	int Min: -1	-1	Maximum number of persistent requests allowed on a single HTTP connection if persistent connections are enabled. A value of -1 means unlimited. This option supports low latency or high throughput applications, and SSL connections for use in situations where building up a new connection can be costly.
maxResetFrames	int Min: 0	100	Maximum number of reset frames per connection allowed during the reset frame window. If this value is exceeded, the connection is closed. Set this parameter to 0 to disable the check.
maxStreamsRefused	int Min: 0	100	Maximum number of streams that are refused after the maximum concurrent streams limit is reached. If this value is exceeded, the connection is closed. Set this parameter to 0 to disable the check.
persistTimeout	A period of time with second precision	30s	Amount of time that a socket will be allowed to remain idle between requests. This setting only applies if persistent connections are enabled. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
readTimeout	A period of time with second precision	60s	Amount of time to wait for a read request to complete on a socket after the first read occurs. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
removeServerHeader	boolean	false	Removes server implementation information from HTTP headers.
resetFramesWindow	A period of time with millisecond precision	30s	Window of time during which reset frames are counted on each connection. Set this parameter to 0 for unlimited time window. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
settingsInitialWindowSize	int Min: 1 Max: 2147483647	65535	Initial window size in octets for HTTP/2 stream-level flow control. This value can be configured to any size within the range of 1 to 2,147,483,647 octets, inclusive. If no value is specified, the default value is 65,535 octets.
writeTimeout	A period of time with second precision	60s	Amount of time to wait on a socket for each portion of the response data to be transmitted. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.

Name	Type	Default	Description
proxies	string	10\.\d{1,3}\.\d{1,3}\.\d{1,3}\|192\.168\.\d{1,3}\.\d{1,3}\|169\.254\.\d{1,3}\.\d{1,3}\|127\.\d{1,3}\.\d{1,3}\.\d{1,3}\|172\.1[6-9]{1}\.\d{1,3}\.\d{1,3}\|172\.2[0-9]{1}\.\d{1,3}\.\d{1,3}\|172\.3[0-1]{1}\.\d{1,3}\.\d{1,3}\|0:0:0:0:0:0:0:1\|::1	A regular expression that defines trusted proxies.
useRemoteIpInAccessLog	boolean	false	If true and the remote client information was verified by the HTTP Channel, the NCSA access log reflects the Forwarded or X-Forwarded-* headers. These headers are reflected when one or more of the following items are recorded: the remote client IP, the host, or the request protocol.

Name	Type	Default	Description
lax	string		List of cookie names or patterns for which the SameSite attribute is set to a value of Lax, if not already defined. A single wildcard (*) character is supported as a stand-alone value, or following cookie name prefixes. Any cookie name or pattern defined by this list must be unique and not present in the 'none' nor 'strict' configurations.
none	string		List of cookie names or patterns for which the SameSite attribute is set to a value of None, if not already defined. A single wildcard (*) character is supported as a stand-alone value, or following cookie name prefixes. Any cookie name or pattern defined by this list must be unique and not present in the 'lax' nor 'strict' configurations. Each cookie that is modified to contain a SameSite value of None as a result of this configuration is also set to Secure.
partitioned	boolean	false	When this attribute is set to true, all SameSite=None cookies are partitioned and therefore are sent in cross-site requests. The default value is false, which means that cookies are not partitioned.
strict	string		List of cookie names or patterns for which the SameSite attribute is set to a value of Strict, if not already defined. A single wildcard (*) character is supported as a stand-alone value, or following cookie name prefixes. Any cookie name or pattern defined by this list must be unique and not present in the 'lax' nor 'none' configurations.

Name	Type	Default	Description
sessionTimeout	A period of time with second precision	1d	Amount of time to wait for a read or write request to complete on a socket. This value is overridden by protocol-specific timeouts. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), or seconds (s). For example, specify 30 seconds as 30s. We can include multiple values in a single entry. For example, 1m30s is equivalent to 90 seconds.
sslRef	Top level ssl element (string).		The default SSL configuration repertoire. The default value is defaultSSLConfig.
sslSessionCacheSize	int	100	The maximum number of session objects that can be stored in the cache.
sslSessionTimeout	A period of time with millisecond precision	86400s	The timeout limit for an SSL session that is established by the SSL Channel. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
suppressHandshakeErrors	boolean	false	Disable logging of SSL handshake errors. SSL handshake errors can occur during normal operation, however these messages can be useful when SSL is behaving unexpectedly. If disabled, the message and console logs do not record handshake errors, and the trace log records handshake errors when SSL Channel tracing is on.

Name	Type	Default	Description
acceptThread	boolean	false	If true, then listening ports do not share the same thread for accepting connections. Otherwise, they share the same thread.
addressExcludeList	string		A comma-separated list of addresses that are not allowed to make inbound connections on this endpoint. We can specify IPv4 or IPv6 addresses. All values in an IPv4 or IPv6 address must be represented by a number or by an asterisk wildcard character. As examples, valid IPv4 addresses for this list include ".1.255.0", "254...9", and "1...", and valid IPv6 addresses include "0:::0:007F:0:0001:0001", "F:FF:FFF:FFFF:1:01:001:0001", and "1234::4321::9F9f:::0000".
addressIncludeList	string		A comma-separated list of addresses allowed to make inbound connections on this endpoint. We can specify IPv4 or IPv6 addresses. All values in an IPv4 or IPv6 address must be represented by a number or by an asterisk wildcard character. As examples, valid IPv4 addresses for this list include ".1.255.0", "254...9", and "1...", and valid IPv6 addresses include "0:::0:007F:0:0001:0001", "F:FF:FFF:FFFF:1:01:001:0001", and "1234::4321::9F9f:::0000".
hostNameExcludeList	string		A comma-separated list of host names that are not allowed to make inbound connections on this endpoint. Host names are not case-sensitive and can start with an asterisk, which is used as a wildcard character. However, asterisks cannot be elsewhere in the host name. For example, .abc.com is valid, but .abc.* is not valid.
hostNameIncludeList	string		A comma-separated list of host names allowed to make inbound connections on this endpoint. Host names are not case-sensitive and can start with an asterisk, which is used as a wildcard character. However, asterisks cannot be elsewhere in the host name. For example, .abc.com is valid, but .abc.* is not valid.
inactivityTimeout	A period of time with millisecond precision	60s	Amount of time to wait for a read or write request to complete on a socket. This value is overridden by protocol-specific timeouts. Specify a positive integer followed by a unit of time, which can be hours (h), minutes (m), seconds (s), or milliseconds (ms). For example, specify 500 milliseconds as 500ms. We can include multiple values in a single entry. For example, 1s500ms is equivalent to 1.5 seconds.
maxOpenConnections	int	128000	Define the maximum number of connections allowed to be open on this endpoint.
portOpenRetries	int Min: 0 Max: 100000	0	Number of retries to open a TCP/IP port during server startup. There will be a one second delay between retries, until the opening is successful or the port open retry number is reached.
soLinger	int Min: -1 Max: 65535	-1	Set the delay before closing the socket after a close request is received while data is transmitting. Set the value between 0 and 65,536 to specify the delay period in seconds. To disable this setting, set the value to -1.
soReuseAddr	boolean	true	Enable immediate rebind to a port with no active listener.
waitToAccept	boolean	false	Query whether this TCP Channel will delay accepting connections until the server starts. If false, connections are closed until the server starts. If true, the value for the acceptThread tcpOption is also set to true, and connections are delayed until the server starts.