Hello,
I'd like to open this for discussion.
Many times, I get this in the error logs:
/[20-Dec-2020 00:00:39 UTC] PHP Warning: POST Content-Length of
131279729 bytes exceeds the limit of 67108864 bytes in Unknown on line 0/
I'd like to give the suggestion to PHP developers to make it more useful.
In my applications, I register error/exception handlers, like:
/set_error_handler('process_error_backtrace');//
//set_exception_handler('process_exception_backtrace');/
which allow me to add a lot more info to the errors, such as full URL,
Referer, IP, user ID, etc...
However, for the bytes exceeds the limit error above, I can't really do
much about it, because:
1) I have no idea which PHP script or URL was being invoked (it just
says "Unknown")
2) I have no idea who is trying to send that much data (am I being
DoS'ed? if so, what IP should I block?)
3) I cannot use an error handler to reformat the error the way I want,
like I do for all other errors
It would be nice if PHP developers could do something about this. Or is
there a big limitation that makes it impossible to improve it?
We may have 3 options to consider:
1) Make any "pre-invoke" errors contain some extra information (like IP,
full URL, script path provided to PHP-FPM, whatever is possible)
2) Have some new php.ini/PHP-FPM setting where we can provide a "pipe
script" to send these errors to (we could call error_get_last() to get
the error)
3) Simply invoke the page/script like normal, with $_POST empty/null,
and it would be up to every PHP page/script to call error_get_last() as
soon as possible, to detect any "pre-invoke" errors
Do you think an RFC can be raised for this? :)
Thank you very much
Nuno
