shreemaan-abhishek opened a new pull request, #13601: URL: https://github.com/apache/apisix/pull/13601
### Description Route matching supports `post_arg.*` predicates. For `application/json` and `multipart/form-data` requests, resolving these predicates in `apisix/core/ctx.lua` calls `request.get_request_body_table()` with no size limit, so the full request body (including temp-file-backed bodies) is parsed into worker memory during the access-phase matching. This PR adds a configurable bound: - New config `apisix.max_post_args_readable_size` (in MB, default `64`, `0` disables the limit). - `post_arg.*` matching now passes this cap to the body reader. Bodies larger than the cap are not read; the predicate resolves to `nil` and the route simply does not match. - The cap covers the JSON and multipart paths (`x-www-form-urlencoded` already goes through nginx's bounded `get_post_args`). Added schema validation, updated `config.yaml.example`, the router-radixtree docs, and tests in `t/core/ctx3.t` (oversized body is not read and the route does not match; within-cap body still matches). #### Which issue(s) this PR fixes: Fixes # ### Checklist - [x] I have explained the need for this PR and the problem it solves - [x] I have explained the changes or the new features added to this PR - [x] I have added tests corresponding to this change - [x] I have updated the documentation to reflect this change - [x] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
