Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-9675

Cannot disable 'max-post-size' check for undertow listeners

    Details

      Description

      With EAP7.1.0.GA, there has been added a validator for 'max-post-size' attribute for listeners in undertow subsystem. This validator requires positive integer values starting with value 1. That means, you cannot disable 'max-post-size' for such listener using 0 value anymore.

      In EAP6.4 and EAP7.0, it was possible to disable 'max-post-size' check with 0 value. I understand that we might not want to allow user to set this to 0 value as it might be a potentional security risk. Still, maybe we should relax this restriction as it was possible to configure it that way in previous versions of EAP.

      Also there is a Knowledge Base article regarding to this feature, which we should update in case we won't reconsider our position.

      Just for the record - quoting question from mailing list:

      Dear Experts,

      Based on KCS, the "max-post-size" in "http-listener" from "undertow" subsystem can be disabled by setting "0" to it, it worked for EAP 6.x and 7.0 GA.

      But in EAP 7.1.0 GA, it didn't work:
      ~~~
      [standalone@localhost:9990 /] /subsystem=undertow/server=default-server/http-listener=default/:write-attribute(name=max-post-size,value=0)

      Unknown macro: { "outcome" => "failed", "failure-description" => "WFLYCTL0117}

      ~~~

      By comparing schemas:
      ~~~
      jboss-eap-7.0/docs/schema/wildfly-undertow_x_x.xsd:
      <xs:attribute name="max-post-size" type="xs:long" default="0"/>

      jboss-eap-7.1/docs/schema/wildfly-undertow_x_x.xsd:
      <xs:attribute name="max-post-size" type="xs:long" default="10485760"/>
      ~~~
      The behaviour changed.

      And I found WFLY-6437 and JBEAP-3974, but failed to open links inside those.

      So can I ask if "max-post-size" can be disabled in EAP 7.1.0 GA and the reason if possible?

      Best Regards,
      Zhang Xu

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  soul2zimate Chao Wang
                  Reporter:
                  soul2zimate Chao Wang
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: