Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[THREESCALE-10164] Add support to set large_client_header_buffers directive #1446

Merged
merged 2 commits into from
Feb 20, 2024
Merged

[THREESCALE-10164] Add support to set large_client_header_buffers directive #1446

merged 2 commits into from
Feb 20, 2024

Conversation

tkan145
Copy link
Contributor

@tkan145 tkan145 commented Feb 8, 2024
edited by eguzki

What

Fixes: https://issues.redhat.com/browse/THREESCALE-10164

Verification Steps

  • Creat a apicast-config.json file with the following content
cat <<EOF >apicast-config.json
{
    "services": [
        {
            "id": "1",
            "backend_version": "1",
            "proxy": {
                "hosts": [
                    "one"
                ],
                "api_backend": "https://echo-api.3scale.net:443",
                "backend": {
                    "endpoint": "http://127.0.0.1:8081",
                    "host": "backend"
                },
                "policy_chain": [
                    {
                        "name": "apicast.policy.apicast"
                    }
                ],
                "proxy_rules": [
                    {
                        "http_method": "GET",
                        "pattern": "/",
                        "metric_system_name": "hits",
                        "delta": 1,
                        "parameters": [],
                        "querystring_parameters": {}
                    }
                ]
            }
        }
    ]
} 
EOF
  • Checkout this branch and start dev environment
make development
make dependencies
  • Run apicast locally
THREESCALE_DEPLOYMENT_ENV=staging APICAST_LOG_LEVEL=debug APICAST_WORKER=1 APICAST_CONFIGURATION_LOADER=lazy APICAST_CONFIGURATION_CACHE=0 THREESCALE_CONFIG_FILE=apicast-config.json ./bin/apicast
  • Capture apicast IP
APICAST_IP=$(docker inspect apicast_build_0-development-1 | yq e -P '.[0].NetworkSettings.Networks.apicast_build_0_default.IPAddress' -)
  • Generate big header
LARGE_HEADER=$(for i in {1..1024}; do echo -n 'ABCDEFGH'; done)
  • Send request with big header
curl -i -k -H "Host: one" -H "Accept: application/json" -H "Large-Header: ${LARGE_HEADER}" "http://${APICAST_IP}:8080/?user_key="

The response should be HTTP/1.1 400 Bad Request

HTTP/1.1 400 Bad Request                                          
Server: openresty                                                 
Date: Thu, 08 Feb 2024 06:49:26 GMT                               
Content-Type: text/html                                           
Content-Length: 230                                               
Connection: close                                                 
                                                                  
<html>                                                            
<head><title>400 Request Header Or Cookie Too Large</title></head>
<body>                                                            
<center><h1>400 Bad Request</h1></center>                         
<center>Request Header Or Cookie Too Large</center>               
<hr><center>openresty</center>                                    
</body>                                                           
</html>
  • Stop the gateway
CTRL-C
  • Start gateway again with APICAST_LARGE_CLIENT_HEADER_BUFFERS=4 12k
THREESCALE_DEPLOYMENT_ENV=staging APICAST_LOG_LEVEL=debug APICAST_WORKER=1 APICAST_CONFIGURATION_LOADER=lazy APICAST_CONFIGURATION_CACHE=0 THREESCALE_CONFIG_FILE=apicast-config.json APICAST_LARGE_CLIENT_HEADER_BUFFERS="4 12k" ./bin/apicast
  • Send another request
curl -i -k -H "Host: one" -H "Accept: application/json" -H "Large-Header: ${LARGE_HEADER}" "http://${APICAST_IP}:8080/?user_key="

The response should be HTTP/1.1 200 OK

@tkan145 tkan145 changed the title Add support to set large_client_header_buffers directive [THREESCALE-10164] Add support to set large_client_header_buffers directive Feb 8, 2024
@tkan145 tkan145 force-pushed the THREESCALE-10164-large_client_header_buffers branch from 59ae70b to 9e6c973 Compare February 8, 2024 07:35
eguzki
eguzki reviewed Feb 8, 2024
View reviewed changes
Copy link
Member

@eguzki eguzki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good.

@tkan145 tkan145 marked this pull request as ready for review February 9, 2024 06:12
@tkan145 tkan145 requested review from a team as code owners February 9, 2024 06:12
@tkan145
Copy link
Contributor Author

tkan145 commented Feb 9, 2024

I kindly requested review from @3scale/documentation team.

For some reason the test keeps failing in this PR 😞 , hopefully after I address the feedback from the docs team and make a new commit the test will work

dfennessy
dfennessy reviewed Feb 9, 2024
View reviewed changes
CHANGELOG.md Outdated
@@ -45,6 +45,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/).

- Dev environment: Camel proxy [PR #1441](https://github.com/3scale/APIcast/pull/1441)

- Added `APICAST_CLIENT_REQUEST_HEADER_BUFFERS` variable that allows to configure nginx `client_request_header_buffers` directive [PR #1446](https://github.com/3scale/APIcast/pull/1446), [THREESCALE-10164](https://issues.redhat.com/browse/THREESCALE-10164)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Added `APICAST_CLIENT_REQUEST_HEADER_BUFFERS` variable that allows to configure nginx `client_request_header_buffers` directive [PR #1446](https://github.com/3scale/APIcast/pull/1446), [THREESCALE-10164](https://issues.redhat.com/browse/THREESCALE-10164)
- Added `APICAST_CLIENT_REQUEST_HEADER_BUFFERS` variable to allow configuration of the NGINX `client_request_header_buffers` directive: [PR #1446](https://github.com/3scale/APIcast/pull/1446), [THREESCALE-10164](https://issues.redhat.com/browse/THREESCALE-10164)

dfennessy
dfennessy requested changes Feb 9, 2024
View reviewed changes
Copy link
Contributor

@dfennessy dfennessy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added a suggestion.

@tkan145 tkan145 force-pushed the THREESCALE-10164-large_client_header_buffers branch from 9e6c973 to 5f752bf Compare February 11, 2024 23:01
eguzki
eguzki requested changes Feb 13, 2024
View reviewed changes
Copy link
Member

@eguzki eguzki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Verification steps working like a charm

Some nitpicking and ready to merge.

t/large-client-header-buffers.t Outdated

__DATA__

=== TEST 1: large header (the header exceed exceed the size of one buffer)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

exceed exceed 👀

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good catch

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

t/large-client-header-buffers.t Outdated
}
--- upstream

client_header_buffer_size 10;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is needed? why?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not needed. I was trying to force nginx to use a large client header buffer, but I realized it's easier to just send a large header.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@eguzki eguzki mentioned this pull request Feb 13, 2024
Closed
eguzki
eguzki reviewed Feb 14, 2024
View reviewed changes
Copy link
Member

@eguzki eguzki left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but there are new conflicts (in CHANGELOG)

@tkan145 tkan145 force-pushed the THREESCALE-10164-large_client_header_buffers branch from 3cda591 to 30cec6c Compare February 19, 2024 02:30
@tkan145
Copy link
Contributor Author

tkan145 commented Feb 19, 2024

Conflict resolved

@eguzki
Copy link
Member

eguzki commented Feb 19, 2024

@dfennessy your approval is needed as you requested changes

dfennessy
dfennessy approved these changes Feb 19, 2024
View reviewed changes
Copy link
Contributor

@dfennessy dfennessy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@tkan145 tkan145 merged commit 5b97638 into 3scale:master Feb 20, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eguzki eguzki eguzki approved these changes

@dfennessy dfennessy dfennessy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@tkan145 @eguzki @dfennessy