[KNOX-2737] Make maxFormContentSize and maxFormKeys configurable in Knox's embedded Jetty server - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.0.0
Component/s: Server
Labels:
None

Description

There are certain deployments, where increasing the maxFormContentSize configuration is required because the default 200kB is not enough in POST forms.

Jetty checks these configurations on two levels: first in the context, and then, if the context is not available (it's a very rare non-typical Jetty deployment), looks it up in the server's attributes:

The form content that a request can process is limited to protect from Denial of Service attacks. The size in bytes is limited by {@link ContextHandler#getMaxFormContentSize()} or if there is no context then the "org.eclipse.jetty.server.Request.maxFormContentSize" {@link Server} attribute.

The number of parameters keys is limited by {@link ContextHandler#getMaxFormKeys()} or if there is no context then the "org.eclipse.jetty.server.Request.maxFormKeys" {@link Server} attribute.

Please note that these configurations are controlled by the System properties called org.eclipse.jetty.server.Request.maxFormKeys and org.eclipse.jetty.server.Request.maxFormContentSize.

This Jira is about to override them in gateway-site.xml.

Attachments

Issue Links

links to

GitHub Pull Request #563

Activity

People

Assignee:: Sandor Molnar

Reporter:: Sandor Molnar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Apr/22 12:56

Updated:: 23/Jun/22 09:11

Resolved:: 25/Apr/22 04:59

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m