[modwsgi] LimitRequestFieldSize, mod_wsgi-express in docker container.

Discussion:

Kamil Koziara

2015-12-10 15:35:47 UTC

Hi,
I have problem with setting LimitRequestFieldSize in mod_wsgi-express
running python app in docker container (I use Graham's image). I am
running Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 .
I tried attaching additional conf file with --include-file
custom_apache.conf with bigger limit, but I still get:
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Size of a request header field exceeds server limit.<br />
What could be the problem? Should I do something else?

--
You received this message because you are subscribed to the Google Groups "modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email to modwsgi+***@googlegroups.com.
To post to this group, send email to ***@googlegroups.com.
Visit this group at http://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.

Graham Dumpleton

2015-12-10 19:29:12 UTC

Permalink

Hi,
I have problem with settingLimitRequestFieldSize in mod_wsgi-express running python app in docker container (I use Graham's image). I am running Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 .
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Size of a request header field exceeds server limit.<br />
What could be the problem? Should I do something else?

Primary culprit would be the size of cookies being sent. The Apache default is:

#define DEFAULT_LIMIT_REQUEST_FIELDSIZE 8190

Only other header I have seen which can be quite large is authorisation headers when using OpenStack services.

The —include-file way of adding a config snippet and setting:

LimitRequestFieldSize 32768

should override it.

If this is from a browser can you use a browser extension to allow you to look at the headers being sent to work out which header is the problem one.

Alternatively go into the browser cookie cache and delete the cookies for that site.

What limit were you setting when you attempted to override it?

Graham

Kamil Koziara

2015-12-11 00:05:03 UTC

Permalink

I tried setting different sizes (131072, 32384) with
the LimitRequestFieldSize, and even smaller (4000) to see if it has any
effect, then I sent requests with Authorization field of varying sizes
(using request library) and it seems that the setting has no effect. The
limit is still around 8kB. I am wondering if the problem is somehow
connected to app being run in docker container.
The headers causing the problems are generated by my app and I can make
them smaller by grouping data into smaller batches, but it would be good to
be able to send bigger ones as well.

W dniu piÄtek, 11 grudnia 2015 03:29:22 UTC+8 uÅŒytkownik Graham Dumpleton

Hi,
I have problem with settingLimitRequestFieldSize in mod_wsgi-express

running python app in docker container (I use Graham's image). I am running
Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 .

I tried attaching additional conf file with --include-file
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br

Size of a request header field exceeds server limit.<br />
What could be the problem? Should I do something else?

#define DEFAULT_LIMIT_REQUEST_FIELDSIZE 8190
Only other header I have seen which can be quite large is authorisation
headers when using OpenStack services.
LimitRequestFieldSize 32768
should override it.
If this is from a browser can you use a browser extension to allow you to
look at the headers being sent to work out which header is the problem one.
Alternatively go into the browser cookie cache and delete the cookies for that site.
What limit were you setting when you attempted to override it?
Graham

Graham Dumpleton

2015-12-11 00:11:36 UTC

Permalink

Try also adding to mod_wsgi-express the option:

--header-buffer-size nnn

and set ânnnâ argument to some value above the default of 32768.

You may be hitting the limit in the transfer of request from Apache child worker process and daemon process. This is actually where problems were seen with OpenStack on response headers.

Graham

I tried setting different sizes (131072, 32384) with the LimitRequestFieldSize, and even smaller (4000) to see if it has any effect, then I sent requests with Authorization field of varying sizes (using request library) and it seems that the setting has no effect. The limit is still around 8kB. I am wondering if the problem is somehow connected to app being run in docker container.
The headers causing the problems are generated by my app and I can make them smaller by grouping data into smaller batches, but it would be good to be able to send bigger ones as well.

Hi,
I have problem with settingLimitRequestFieldSize in mod_wsgi-express running python app in docker container (I use Graham's image). I am running Apache/2.4.17 (Unix) mod_wsgi/4.4.21 Python/3.4.3 .
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
Size of a request header field exceeds server limit.<br />
What could be the problem? Should I do something else?

#define DEFAULT_LIMIT_REQUEST_FIELDSIZE 8190
Only other header I have seen which can be quite large is authorisation headers when using OpenStack services.
LimitRequestFieldSize 32768
should override it.
If this is from a browser can you use a browser extension to allow you to look at the headers being sent to work out which header is the problem one.
Alternatively go into the browser cookie cache and delete the cookies for that site.
What limit were you setting when you attempted to override it?