[
https://issues.apache.org/jira/browse/KNOX-2737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandor Molnar resolved KNOX-2737.
---------------------------------
Resolution: Fixed
> Make maxFormContentSize and maxFormKeys configurable in Knox's embedded Jetty
> server
> ------------------------------------------------------------------------------------
>
> Key: KNOX-2737
> URL: https://issues.apache.org/jira/browse/KNOX-2737
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Major
> Fix For: 2.0.0
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> There are certain deployments, where increasing the {{maxFormContentSize}}
> configuration is required because the default 200kB is not enough in POST
> forms.
> Jetty checks these configurations on two levels: first in the context, and
> then, if the context is not available (it's a very rare non-typical Jetty
> deployment), looks it up in the server's attributes:
> {noformat}
> The form content that a request can process is limited to protect from Denial
> of Service attacks. The size in bytes is limited by {@link
> ContextHandler#getMaxFormContentSize()} or if there is no context then the
> "org.eclipse.jetty.server.Request.maxFormContentSize" {@link Server}
> attribute.
> The number of parameters keys is limited by {@link
> ContextHandler#getMaxFormKeys()} or if there is no context then the
> "org.eclipse.jetty.server.Request.maxFormKeys" {@link Server}
> attribute.{noformat}
> Please note that these configurations are controlled by the System properties
> called {{org.eclipse.jetty.server.Request.maxFormKeys}} and
> {{{}org.eclipse.jetty.server.Request.maxFormContentSize{}}}.
> This Jira is about to override them in {{{}gateway-site.xml{}}}.
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
