Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unexpected behaviour with REQUEST_MAX_HEADER_SIZE #2917

Closed
1 task done
pluzun opened this issue Feb 14, 2024 · 1 comment
Closed
1 task done

Unexpected behaviour with REQUEST_MAX_HEADER_SIZE #2917

pluzun opened this issue Feb 14, 2024 · 1 comment
Labels
bug

Comments

@pluzun
Copy link

pluzun commented Feb 14, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Describe the bug

Hey,
It seems that the REQUEST_MAX_HEADER_SIZE don't rely only Headers size but also on the URL and Method leading to a sanic.exceptions.PayloadTooLarge: Request header exceeds the size limit even if the headers size don't reach the max size: https://github.com/sanic-org/sanic/blob/v23.12.1/sanic/http/http1.py#L172-L197

See the following log with 2 requests with the same headers but with different URL:

sanic[2756545]: [2024-02-14 20:05:26 +0000] [2756545] [CRITICAL] 278 # Headers size 
sanic[2756545]: [2024-02-14 20:05:26 +0000] [2756545] [CRITICAL] [('host', '127.0.0.1:8000'), ('user-agent', 'python-httpx/0.11.1'), ('accept', '*/*'), ('accept-encoding', 'gzip, deflate'), ('connection', 'keep-alive'), ('content-type', 'application/json')]
sanic[2756545]: [2024-02-14 20:05:27 +0000] [2756545] [CRITICAL] 20571 # Headers size with big URL
sanic[2756545]: [2024-02-14 20:05:27 +0000] [2756545] [CRITICAL] [('host', '127.0.0.1:8000'), ('user-agent', 'python-httpx/0.11.1'), ('accept', '*/*'), ('accept-encoding', 'gzip, deflate'), ('connection', 'keep-alive'), ('content-type', 'application/json')]

Code snippet

No response

Expected Behavior

REQUEST_MAX_HEADER_SIZE should only take into account the HTTP Headers and not raise an Exception if the URL is too long.

How do you run Sanic?

As a module

Operating System

Linux

Sanic Version

v23.12.1

Additional context

No response
@pluzun pluzun added the bug label Feb 14, 2024
@pluzun pluzun changed the title HTTP Method and URL are counted into REQUEST_MAX_HEADER_SIZE Unexpected behaviour with REQUEST_MAX_HEADER_SIZE Feb 14, 2024
@Tronic
Copy link
Member

Tronic commented Feb 15, 2024

This is intended functionality. HTTP/1 header consists of the request line and header lines, that together (also including the newlines that follow) must fit in this limit. Sanic by design cannot make a distinction between different parts of the header. Closing as not a bug.

@Tronic Tronic closed this as completed Feb 15, 2024
@Tronic Tronic closed this as not planned Won't fix, can't repro, duplicate, stale Feb 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Tronic @pluzun