hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-14 17:02:49 +03:00
Code Issues Projects Releases Wiki Activity

server: configurable header length limit for warp

Browse Source 
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/9363
GitOrigin-RevId: 8dd1e6a5f51d86ed20123c7ed7d42906fe5251bb
This commit is contained in:
pranshi06 2023-06-19 18:03:01 +05:30 committed by hasura-bot
parent 530e01d458
commit 3124c93673
9 changed files with 49 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/docs/deployment/graphql-engine-flags/reference.mdx
View File

@ -340,6 +340,18 @@ subgraph in an Apollo supergraph.
| **Default** | `false` | | **Default** | `false` |
| **Supported in** | CE, Enterprise Edition, Cloud | | **Supported in** | CE, Enterprise Edition, Cloud |
### Header Size Limit
Sets the maximum cumulative length of all headers in bytes.
| | |
| ------------------- | ----------------------------------------- |
| **Flag** | `--max-total-header-length` |
| **Env var** | `HASURA_GRAPHQL_MAX_TOTAL_HEADER_LENGTH` |
| **Accepted values** | Integer |
| **Default** | `1024*1024` (1MB) |
| **Supported in** | CE, Enterprise Edition |
### Enable Console ### Enable Console
Enable the Hasura Console (served by the server on `/` and `/console`). Enable the Hasura Console (served by the server on `/` and `/console`).

3
server/lib/test-harness/src/Harness/Constants.hs
View File

@ -309,7 +309,8 @@ serveOptions =
soExtensionsSchema = ExtensionsSchema "public", soExtensionsSchema = ExtensionsSchema "public",
soMetadataDefaults = emptyMetadataDefaults, soMetadataDefaults = emptyMetadataDefaults,
soApolloFederationStatus = ApolloFederationDisabled, soApolloFederationStatus = ApolloFederationDisabled,
soCloseWebsocketsOnMetadataChangeStatus = Init._default Init.closeWebsocketsOnMetadataChangeOption soCloseWebsocketsOnMetadataChangeStatus = Init._default Init.closeWebsocketsOnMetadataChangeOption,
soMaxTotalHeaderLength = Init._default Init.maxTotalHeaderLengthOption
} }
-- | What log level should be used by the engine; this is not exported, and -- | What log level should be used by the engine; this is not exported, and

4
server/src-lib/Hasura/App.hs
View File

@ -480,7 +480,8 @@ initialiseAppEnv env BasicConnectionInfo {..} serveOptions@ServeOptions {..} liv
appEnvGracefulShutdownTimeout = soGracefulShutdownTimeout, appEnvGracefulShutdownTimeout = soGracefulShutdownTimeout,
appEnvCheckFeatureFlag = ceCheckFeatureFlag env, appEnvCheckFeatureFlag = ceCheckFeatureFlag env,
appEnvSchemaPollInterval = soSchemaPollInterval, appEnvSchemaPollInterval = soSchemaPollInterval,
appEnvLicenseKeyCache = Nothing appEnvLicenseKeyCache = Nothing,
appEnvMaxTotalHeaderLength = soMaxTotalHeaderLength
} }
) )
@ -939,6 +940,7 @@ runHGEServer setupHook appStateRef initTime startupStatusHook consoleType ekgSto
. Warp.setInstallShutdownHandler shutdownHandler . Warp.setInstallShutdownHandler shutdownHandler
. Warp.setBeforeMainLoop (for_ startupStatusHook id) . Warp.setBeforeMainLoop (for_ startupStatusHook id)
. setForkIOWithMetrics . setForkIOWithMetrics
. Warp.setMaxTotalHeaderLength appEnvMaxTotalHeaderLength
$ Warp.defaultSettings $ Warp.defaultSettings
setForkIOWithMetrics :: Warp.Settings -> Warp.Settings setForkIOWithMetrics :: Warp.Settings -> Warp.Settings

3
server/src-lib/Hasura/App/State.hs
View File

@ -135,7 +135,8 @@ data AppEnv = AppEnv
-- to do it for the Enterprise version. -- to do it for the Enterprise version.
appEnvSchemaPollInterval :: OptionalInterval, appEnvSchemaPollInterval :: OptionalInterval,
appEnvCheckFeatureFlag :: CheckFeatureFlag, appEnvCheckFeatureFlag :: CheckFeatureFlag,
appEnvLicenseKeyCache :: Maybe (CredentialCache AgentLicenseKey) appEnvLicenseKeyCache :: Maybe (CredentialCache AgentLicenseKey),
appEnvMaxTotalHeaderLength :: Int
} }
-- | Represents the Dynamic Hasura State, these field are mutable and can be changed -- | Represents the Dynamic Hasura State, these field are mutable and can be changed

1
server/src-lib/Hasura/Server/Init.hs
View File

@ -216,6 +216,7 @@ mkServeOptions sor@ServeOptionsRaw {..} = do
pure $ getApolloFederationStatus soExperimentalFeatures apolloFederationStatusOptionM pure $ getApolloFederationStatus soExperimentalFeatures apolloFederationStatusOptionM
soCloseWebsocketsOnMetadataChangeStatus <- do soCloseWebsocketsOnMetadataChangeStatus <- do
withOptionDefault rsoCloseWebsocketsOnMetadataChangeStatus closeWebsocketsOnMetadataChangeOption withOptionDefault rsoCloseWebsocketsOnMetadataChangeStatus closeWebsocketsOnMetadataChangeOption
soMaxTotalHeaderLength <- withOptionDefault rsoMaxTotalHeaderLength maxTotalHeaderLengthOption
pure ServeOptions {..} pure ServeOptions {..}
-- | Fetch Postgres 'Query.ConnParams' components from the environment -- | Fetch Postgres 'Query.ConnParams' components from the environment

22
server/src-lib/Hasura/Server/Init/Arg/Command/Serve.hs
View File

@ -61,6 +61,7 @@ module Hasura.Server.Init.Arg.Command.Serve
metadataDefaultsOption, metadataDefaultsOption,
apolloFederationStatusOption, apolloFederationStatusOption,
closeWebsocketsOnMetadataChangeOption, closeWebsocketsOnMetadataChangeOption,
maxTotalHeaderLengthOption,
-- * Pretty Printer -- * Pretty Printer
serveCmdFooter, serveCmdFooter,
@ -148,6 +149,7 @@ serveCommandParser =
<*> parseMetadataDefaults <*> parseMetadataDefaults
<*> parseApolloFederationStatus <*> parseApolloFederationStatus
<*> parseEnableCloseWebsocketsOnMetadataChange <*> parseEnableCloseWebsocketsOnMetadataChange
<*> parseMaxTotalHeaderLength
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
-- Serve Options -- Serve Options
@ -1176,6 +1178,23 @@ parseEnableCloseWebsocketsOnMetadataChange =
<> Opt.help (Config._helpMessage closeWebsocketsOnMetadataChangeOption) <> Opt.help (Config._helpMessage closeWebsocketsOnMetadataChangeOption)
) )
parseMaxTotalHeaderLength :: Opt.Parser (Maybe Int)
parseMaxTotalHeaderLength =
Opt.optional
$ Opt.option
(Opt.eitherReader Env.fromEnv)
( Opt.long "max-total-header-length"
<> Opt.help (Config._helpMessage maxTotalHeaderLengthOption)
)
maxTotalHeaderLengthOption :: Config.Option Int
maxTotalHeaderLengthOption =
Config.Option
{ Config._default = (1024 * 1024),
Config._envVar = "HASURA_GRAPHQL_MAX_TOTAL_HEADER_LENGTH",
Config._helpMessage = "Max cumulative length of all headers in bytes (Default: 1MB)"
}
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
-- Pretty Printer -- Pretty Printer
@ -1275,6 +1294,7 @@ serveCmdFooter =
Config.optionPP defaultNamingConventionOption, Config.optionPP defaultNamingConventionOption,
Config.optionPP metadataDBExtensionsSchemaOption, Config.optionPP metadataDBExtensionsSchemaOption,
Config.optionPP apolloFederationStatusOption, Config.optionPP apolloFederationStatusOption,
Config.optionPP closeWebsocketsOnMetadataChangeOption Config.optionPP closeWebsocketsOnMetadataChangeOption,
Config.optionPP maxTotalHeaderLengthOption
] ]
eventEnvs = [Config.optionPP graphqlEventsHttpPoolSizeOption, Config.optionPP graphqlEventsFetchIntervalOption] eventEnvs = [Config.optionPP graphqlEventsHttpPoolSizeOption, Config.optionPP graphqlEventsFetchIntervalOption]

6
server/src-lib/Hasura/Server/Init/Config.hs
View File

@ -321,7 +321,8 @@ data ServeOptionsRaw impl = ServeOptionsRaw
rsoExtensionsSchema :: Maybe MonadTx.ExtensionsSchema, rsoExtensionsSchema :: Maybe MonadTx.ExtensionsSchema,
rsoMetadataDefaults :: Maybe MetadataDefaults, rsoMetadataDefaults :: Maybe MetadataDefaults,
rsoApolloFederationStatus :: Maybe Server.Types.ApolloFederationStatus, rsoApolloFederationStatus :: Maybe Server.Types.ApolloFederationStatus,
rsoCloseWebsocketsOnMetadataChangeStatus :: Maybe Server.Types.CloseWebsocketsOnMetadataChangeStatus rsoCloseWebsocketsOnMetadataChangeStatus :: Maybe Server.Types.CloseWebsocketsOnMetadataChangeStatus,
rsoMaxTotalHeaderLength :: Maybe Int
} }
-- | Whether or not to serve Console assets. -- | Whether or not to serve Console assets.
@ -620,7 +621,8 @@ data ServeOptions impl = ServeOptions
soExtensionsSchema :: MonadTx.ExtensionsSchema, soExtensionsSchema :: MonadTx.ExtensionsSchema,
soMetadataDefaults :: MetadataDefaults, soMetadataDefaults :: MetadataDefaults,
soApolloFederationStatus :: Server.Types.ApolloFederationStatus, soApolloFederationStatus :: Server.Types.ApolloFederationStatus,
soCloseWebsocketsOnMetadataChangeStatus :: Server.Types.CloseWebsocketsOnMetadataChangeStatus soCloseWebsocketsOnMetadataChangeStatus :: Server.Types.CloseWebsocketsOnMetadataChangeStatus,
soMaxTotalHeaderLength :: Int
} }
-- | 'ResponseInternalErrorsConfig' represents the encoding of the -- | 'ResponseInternalErrorsConfig' represents the encoding of the

3
server/src-test/Hasura/Server/InitSpec.hs
View File

@ -92,7 +92,8 @@ emptyServeOptionsRaw =
rsoExtensionsSchema = Nothing, rsoExtensionsSchema = Nothing,
rsoMetadataDefaults = Nothing, rsoMetadataDefaults = Nothing,
rsoApolloFederationStatus = Nothing, rsoApolloFederationStatus = Nothing,
rsoCloseWebsocketsOnMetadataChangeStatus = Nothing rsoCloseWebsocketsOnMetadataChangeStatus = Nothing,
rsoMaxTotalHeaderLength = Nothing
} }
mkServeOptionsSpec :: Hspec.Spec mkServeOptionsSpec :: Hspec.Spec

3
server/test-postgres/Constants.hs
View File

@ -91,7 +91,8 @@ serveOptions =
soExtensionsSchema = ExtensionsSchema "public", soExtensionsSchema = ExtensionsSchema "public",
soMetadataDefaults = emptyMetadataDefaults, soMetadataDefaults = emptyMetadataDefaults,
soApolloFederationStatus = ApolloFederationDisabled, soApolloFederationStatus = ApolloFederationDisabled,
soCloseWebsocketsOnMetadataChangeStatus = Init._default Init.closeWebsocketsOnMetadataChangeOption soCloseWebsocketsOnMetadataChangeStatus = Init._default Init.closeWebsocketsOnMetadataChangeOption,
soMaxTotalHeaderLength = Init._default Init.maxTotalHeaderLengthOption
} }
-- | What log level should be used by the engine; this is not exported, and -- | What log level should be used by the engine; this is not exported, and