[apisix] branch master updated: feat: allow to limit client body size to protect the service (#2214)

Tue, 15 Sep 2020 06:58:43 -0700 

This is an automated email from the ASF dual-hosted git repository.

spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git


The following commit(s) were added to refs/heads/master by this push:
     new b6354ec  feat: allow to limit client body size to protect the service 
(#2214)
b6354ec is described below

commit b6354ec33eab21ecbd47159d1036c2805624c3c7
Author: 罗泽轩 <spacewander...@gmail.com>
AuthorDate: Tue Sep 15 21:58:30 2020 +0800

    feat: allow to limit client body size to protect the service (#2214)
---
 .travis/apisix_cli_test.sh | 15 +++++++++++++++
 bin/apisix                 |  2 +-
 conf/config-default.yaml   |  4 ++++
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/.travis/apisix_cli_test.sh b/.travis/apisix_cli_test.sh
index efea3a2..84b1ebb 100755
--- a/.travis/apisix_cli_test.sh
+++ b/.travis/apisix_cli_test.sh
@@ -211,6 +211,21 @@ fi
 
 echo "passed: worker_shutdown_timeout in nginx.conf is ok"
 
+# check the 'client_max_body_size' in 'nginx.conf' .
+
+sed -i 's/client_max_body_size: 0/client_max_body_size: 512m/'  
conf/config-default.yaml
+
+make init
+
+if ! grep -E "client_max_body_size 512m" conf/nginx.conf > /dev/null; then
+    echo "failed: client_max_body_size in nginx.conf doesn't change"
+    exit 1
+fi
+
+echo "passed: client_max_body_size in nginx.conf is ok"
+
+git checkout conf/config-default.yaml
+
 # check worker processes number is configurable.
 
 git checkout conf/config.yaml
diff --git a/bin/apisix b/bin/apisix
index dc4fc42..d609c21 100755
--- a/bin/apisix
+++ b/bin/apisix
@@ -240,7 +240,7 @@ http {
 
     access_log {* http.access_log *} main buffer=16384 flush=3;
     open_file_cache  max=1000 inactive=60;
-    client_max_body_size 0;
+    client_max_body_size {* http.client_max_body_size *};
     keepalive_timeout {* http.keepalive_timeout *};
     client_header_timeout {* http.client_header_timeout *};
     client_body_timeout {* http.client_body_timeout *};
diff --git a/conf/config-default.yaml b/conf/config-default.yaml
index faa482b..f6a4710 100644
--- a/conf/config-default.yaml
+++ b/conf/config-default.yaml
@@ -123,6 +123,10 @@ nginx_config:                     # config for render the 
template to genarate n
     keepalive_timeout: 60s         # timeout during which a keep-alive client 
connection will stay open on the server side.
     client_header_timeout: 60s     # timeout for reading client request 
header, then 408 (Request Time-out) error is returned to the client
     client_body_timeout: 60s       # timeout for reading client request body, 
then 408 (Request Time-out) error is returned to the client
+    client_max_body_size: 0        # The maximum allowed size of the client 
request body.
+                                   # If exceeded, the 413 (Request Entity Too 
Large) error is returned to the client.
+                                   # Note that unlike Nginx, we don't limit 
the body size by default.
+
     send_timeout: 10s              # timeout for transmitting a response to 
the client.then the connection is closed
     underscores_in_headers: "on"   # default enables the use of underscores in 
client request header fields
     real_ip_header: "X-Real-IP"    # 
http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header

Reply via email to