Uploaded image for project: 'Red Hat 3scale API Management'
  1. Red Hat 3scale API Management
  2. THREESCALE-12004

Set Falcon max line length to 12kb to prevent 503 errors on long URLs

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started
    • Not Started

      Problem

      After deploying a canary pod with the last alpha, several 503 errors were received by clients. Investigation revealed that the errors correspond to requests with very long paths in URLs.

      Root Cause

      Old versions of protocol-http1 (a dependency of Falcon) didn't set any limit to URL lengths for incoming requests. A year ago, they added an 8kb limit to protect against DDoS attacks: https://github.com/socketry/protocol-http1/pull/40/files

      The last alpha includes a newer version of the gem that includes this limit, causing the errors for clients with URLs longer than 8kb.

      Solution

      While the 8kb default limit is reasonable for DDoS protection, our clients need a bit more. This change increases the Falcon max line length limit to 12kb.

      Related Links

      Impact

      • Fixes 503 errors for clients with long URL paths
      • Maintains DDoS protection with a reasonable 12kb limit

              Unassigned Unassigned
              rh-ee-jlledo Joan Lledo
              Joan Lledo Joan Lledo
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: