applied, but bumped to 4k, while I think that's *massive*, it'll be even less likely to be hit, I hope :-)
On Wed, Jun 15, 2022 at 04:09:50PM +0200, Mira Limbeck wrote: > Azure AD seems to have a variable authorization code size, depending on > the browser state according to one report in bug #4074 [0]. > > Sometimes the size is greater than our current limit of 1024, so > increase it to 2048. > > The RFC [1] mentions that there is no limit to the code size, but based on > current experience, a size limit of 2048 might be enough for every > current OpenID Connect provider. > > [0] https://bugzilla.proxmox.com/show_bug.cgi?id=4074 > [1] https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2 > > Signed-off-by: Mira Limbeck <m.limb...@proxmox.com> > --- > The PBS implementation doesn't seem to be using any code size limit, do > we want to remove it entirely in PVE as well? > > src/PVE/API2/OpenId.pm | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/src/PVE/API2/OpenId.pm b/src/PVE/API2/OpenId.pm > index c838b2c..8653d61 100644 > --- a/src/PVE/API2/OpenId.pm > +++ b/src/PVE/API2/OpenId.pm > @@ -134,7 +134,7 @@ __PACKAGE__->register_method ({ > code => { > description => "OpenId authorization code.", > type => 'string', > - maxLength => 1024, > + maxLength => 2048, > }, > 'redirect-url' => { > description => "Redirection Url. The client should set this to > the used server url (location.origin).", > -- > 2.30.2 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel