From c301d8bc2522a2010d1db9c9924fcf825255a9cd Mon Sep 17 00:00:00 2001 From: nate stemen Date: Wed, 18 Mar 2020 10:26:53 -0400 Subject: [PATCH] Merge pull request #2666 from overleaf/em-max-json-request-size Separate max_doc_length from max JSON request size GitOrigin-RevId: 4c725028111966bf04109080d80d4672273dd697 --- services/web/app/src/infrastructure/Server.js | 6 +----- services/web/config/settings.defaults.coffee | 11 +++++++++++ .../web/test/acceptance/src/BodyParserErrorsTest.js | 2 +- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/services/web/app/src/infrastructure/Server.js b/services/web/app/src/infrastructure/Server.js index 582891b10b..cafa05a7e7 100644 --- a/services/web/app/src/infrastructure/Server.js +++ b/services/web/app/src/infrastructure/Server.js @@ -83,11 +83,7 @@ app.set('view engine', 'pug') Modules.loadViewIncludes(app) app.use(bodyParser.urlencoded({ extended: true, limit: '2mb' })) -// Make sure we can process twice the max doc length, to allow for -// - the doc content -// - text ranges spanning the whole doc -// Also allow some overhead for JSON encoding -app.use(bodyParser.json({ limit: 2 * Settings.max_doc_length + 64 * 1024 })) // 64kb overhead +app.use(bodyParser.json({ limit: Settings.max_json_request_size })) app.use(methodOverride()) app.use(bearerToken()) diff --git a/services/web/config/settings.defaults.coffee b/services/web/config/settings.defaults.coffee index ae8ec33ffe..5158fd43fc 100644 --- a/services/web/config/settings.defaults.coffee +++ b/services/web/config/settings.defaults.coffee @@ -429,6 +429,17 @@ module.exports = settings = # Maximum size of text documents in the real-time editing system. max_doc_length: 2 * 1024 * 1024 # 2mb + # Maximum JSON size in HTTP requests + # We should be able to process twice the max doc length, to allow for + # - the doc content + # - text ranges spanning the whole doc + # + # There's also overhead required for the JSON encoding and the UTF-8 encoding, + # theoretically up to 3 times the max doc length. On the other hand, we don't + # want to block the event loop with JSON parsing, so we try to find a + # practical compromise. + max_json_request_size: parseInt(process.env["MAX_JSON_REQUEST_SIZE"]) || 6 * 1024 * 1024 # 6 MB + # Internal configs # ---------------- path: diff --git a/services/web/test/acceptance/src/BodyParserErrorsTest.js b/services/web/test/acceptance/src/BodyParserErrorsTest.js index fa55a7ec44..cd14ea8c31 100644 --- a/services/web/test/acceptance/src/BodyParserErrorsTest.js +++ b/services/web/test/acceptance/src/BodyParserErrorsTest.js @@ -2,7 +2,7 @@ const Settings = require('settings-sharelatex') const request = require('./helpers/request') // create a string that is longer than the max allowed (as defined in Server.js) -const wayTooLongString = 'a'.repeat(2 * Settings.max_doc_length + 64 * 1024 + 1) +const wayTooLongString = 'a'.repeat(Settings.max_json_request_size + 1) describe('BodyParserErrors', function() { describe('when request is too large', function() {