Implement RFC-0027: Add configurable route options size limit#4934
Open
rkoster wants to merge 2 commits intocloudfoundry:mainfrom
Open
Implement RFC-0027: Add configurable route options size limit#4934rkoster wants to merge 2 commits intocloudfoundry:mainfrom
rkoster wants to merge 2 commits intocloudfoundry:mainfrom
Conversation
Adds configurable size limit for route options JSON payload. Requests exceeding the limit are rejected with HTTP 422. - Add max_route_options_size config key to api_schema and worker_schema - Add default value of 1024 bytes to cloud_controller.yml - Add size validation in OptionsValidator (message layer) - Add validate_route_options_size in Route model (DB layer) - Handle options_size_exceeded errors in RouteCreate and RouteUpdate actions - Add unit tests for all new validation paths
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Implements the route options size limit from RFC-0027 amendment. Adds a configurable
max_route_options_sizesetting (default: 1024 bytes) that rejects route create/update requests with HTTP 422 when the serialized route options JSON exceeds the limit.Changes
app/messages/validators.rb): Added size check inOptionsValidatorto validate raw input size againstConfig.config.get(:max_route_options_size)app/models/runtime/route.rb): Addedvalidate_route_options_sizeas a defense-in-depth database layer validationapp/actions/route_create.rb,app/actions/route_update.rb): Handle the newoptions_size_exceedederror from the model and return appropriate API error responsesapi_schema.rb,worker_schema.rb): Addedmax_route_options_sizewith default of 1024Error format
Related