205hlab-mirrors/traefik
2
0
Fork 0
mirror of https://github.com/traefik/traefik.git synced 2026-06-17 19:09:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Change default maxRequestBodyBytes option value of retry middleware

Browse Source
This commit is contained in:
LBF38
2026-03-19 15:52:06 +01:00
committed by GitHub
parent 6c7c056b28
commit 444e096d3c
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/content/reference/routing-configuration/http/middlewares/retry.md
+2 -2
View File
@@ -96,7 +96,7 @@ spec:
| <a id="opt-attempts" href="#opt-attempts" title="#opt-attempts">`attempts`</a> | number of times the request should be retried. | | Yes |
| <a id="opt-initialInterval" href="#opt-initialInterval" title="#opt-initialInterval">`initialInterval`</a> | First wait time in the exponential backoff series. <br />The maximum interval is calculated as twice the `initialInterval`. <br /> If unspecified, requests will be retried immediately.<br /> Defined in seconds or as a valid duration format, see [time.ParseDuration](https://golang.org/pkg/time/#ParseDuration). | 0 | No |
| <a id="opt-timeout" href="#opt-timeout" title="#opt-timeout">`timeout`</a> | How much time the middleware is allowed to retry the request. <br /> Defined in seconds or as a valid duration format, see [time.ParseDuration](https://golang.org/pkg/time/#ParseDuration). | 0 | No |
| <a id="opt-maxRequestBodyBytes" href="#opt-maxRequestBodyBytes" title="#opt-maxRequestBodyBytes">`maxRequestBodyBytes`</a> | Defines the maximum size for the request body. Default is `-1`, which means no limit. <br/>More information [here](#maxrequestbodybytes). | -1 | No |
| <a id="opt-maxRequestBodyBytes" href="#opt-maxRequestBodyBytes" title="#opt-maxRequestBodyBytes">`maxRequestBodyBytes`</a> | Defines the maximum size for the request body. <br/>More information [here](#maxrequestbodybytes). | 2MB | No |
| <a id="opt-status" href="#opt-status" title="#opt-status">`status`</a> | Defines the range of HTTP status codes to retry on. <br/>More information [here](#disableretryonnetworkerror-and-status). | [] | No |
| <a id="opt-disableRetryOnNetworkError" href="#opt-disableRetryOnNetworkError" title="#opt-disableRetryOnNetworkError">`disableRetryOnNetworkError`</a> | This option disables the retry if an error occurs when transmitting the request to the server. <br/>More information [here](#disableretryonnetworkerror-and-status). | false | No |
| <a id="opt-retryNonIdempotentMethod" href="#opt-retryNonIdempotentMethod" title="#opt-retryNonIdempotentMethod">`retryNonIdempotentMethod`</a> | Activates the retry for non-idempotent methods (`POST`, `LOCK`, `PATCH`) | false | No |
@@ -107,7 +107,7 @@ The `maxRequestBodyBytes` option controls the maximum size of request bodies tha
**⚠️ Important Security Consideration**
By default, `maxRequestBodyBytes` is not set (value: -1), which means request body size is unlimited. This can have significant security and performance implications:
When `maxRequestBodyBytes` is set to `-1`, it means there is no limit for request body size. This can have significant security and performance implications:
- **Security Risk**: Attackers can send extremely large request bodies, potentially causing DoS attacks or memory exhaustion
- **Performance Impact**: Large request bodies consume memory and processing resources, affecting overall system performance
pkg/config/dynamic/middlewares.go
+1 -1
View File
@@ -14,7 +14,7 @@ const (
// ForwardAuthDefaultMaxBodySize is the ForwardAuth.MaxBodySize option default value.
ForwardAuthDefaultMaxBodySize int64 = -1
// RetryDefaultMaxRequestBodyBytes is the Retry.MaxRequestBodyBytes option default value.
RetryDefaultMaxRequestBodyBytes int64 = -1
RetryDefaultMaxRequestBodyBytes int64 = 2 * 1024 * 1024 // 2 MB
)
// +k8s:deepcopy-gen=true