Policy: Payload limits fix on content-length

When content length was bigger than the limit, the content length value was not changed at all, and clients keep reading until got the full length. Fix https://issues.redhat.com/browse/THREESCALE-6736 Signed-off-by: Eloy Coto <eloy.coto@acalustra.com>
3scale · Apr 20, 2021 · 8c53126 · 8c53126
1 parent df409f9
commit 8c53126
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 - Fixed issues with URI when using Routing Policy [PR #1245](https://github.com/3scale/APIcast/pull/1245) [THREESCALE-6410](https://issues.redhat.com/browse/THREESCALE-6410)
 - Fixed typo on TLS jsonschema [PR #1260](https://github.com/3scale/APIcast/pull/1260) [THREESCALE-6390](https://issues.redhat.com/browse/THREESCALE-6390)
 - Fixed host header format on http_ng resty [PR #1264](https://github.com/3scale/APIcast/pull/1264) [THREESCALE-2235](https://issues.redhat.com/browse/THREESCALE-2235)
+- Fixed Payload limit content-length response header [PR #1266](https://github.com/3scale/APIcast/pull/1266) [THREESCALE-6736](https://issues.redhat.com/browse/THREESCALE-6736)
 
 
 ### Added

diff --git a/gateway/src/apicast/policy/payload_limits/payload_limit.lua b/gateway/src/apicast/policy/payload_limits/payload_limit.lua
@@ -4,6 +4,8 @@ local new = _M.new
 local ngx_exit = ngx.exit
 local ngx_say = ngx.say
 
+local PayloadErrMessage = "Payload Too Large"
+
 function _M.new(config)
   local self = new(config)
   self.request_limit = tonumber(config.request) or 0
@@ -24,7 +26,7 @@ function _M:access()
   if tonumber(ngx.var.content_length) > self.request_limit then
       ngx.log(ngx.INFO, "request rejected due to large body")
       ngx.status = 413
-      ngx_say("Payload Too Large")
+      ngx_say(PayloadErrMessage)
       return ngx_exit(413)
   end
 end
@@ -43,14 +45,16 @@ function _M:header_filter(context)
       ngx.log(ngx.INFO, "Response rejected due to large body")
       context.request_limited = true;
       ngx.status = 413
+      ngx.header["Content-Length"] = #PayloadErrMessage
       return ngx_exit(413)
   end
 end
 
 function _M:body_filter(context)
   if context.request_limited then
-    ngx.arg[1] = "Payload Too Large"
+    ngx.arg[1] = PayloadErrMessage
     ngx.arg[2] = true
+
     return
   end
 end

diff --git a/t/apicast-policy-payload_limits.t b/t/apicast-policy-payload_limits.t
@@ -236,6 +236,8 @@ yay, api backend
 --- request
 POST /test
 --- error_code: 413
+--- response_headers
+Content-Length: 17
 --- response_body eval
 "Payload Too Large"
 --- no_error_log