allow disable limit_payload middleware #1113
Conversation
| ```yaml | ||
| #... | ||
| middlewares: | ||
| limit_payload: | ||
| enable: true | ||
| body_limit: 5mb | ||
| ``` |
There was a problem hiding this comment.
Maybe add an example of disabling the limit so they don't need to dig/guess for the param?
Could we allow a disable here where the middleware wouldn't be disabled but we use DefaultBodyLimitKind::Disable in the apply function? As far as I can tell the current PR doesn't let a user fully disable upload size. Something like below?
#[derive(Debug, Clone, Deserialize, Serialize)]
pub struct LimitPayload {
#[serde(default)]
pub enable: bool,
#[serde(deserialize_with = "deserialize_body_limit")]
#[serde(default = "default_body_limit")]
pub body_limit: usize,
pub no_limit: Option<bool>,
}
// ......
impl MiddlewareLayer for LimitPayload {
/// Applies the payload limit middleware to the application router by adding
/// a `DefaultBodyLimit` layer.
fn apply(&self, app: AXRouter<AppContext>) -> Result<AXRouter<AppContext>> {
match self.no_limit {
Some(true) => Ok(app.layer(axum::extract::DefaultBodyLimit::disable())),
_ => Ok(app.layer(axum::extract::DefaultBodyLimit::max(self.body_limit))),
}
}
### Remove the limit
_Caution: this can be dangerous because it would allow arbitrarily large files to be uploaded._
```yaml
#...
middlewares:
limit_payload:
no_limit: true
```
There was a problem hiding this comment.
You're absolutely right, this was part of the initial commit. After discussing it with @jondot, we wanted to understand why users might want the option to disable the limits.
We reviewed the middleware implementation and found no performance concerns with keeping the limits enabled. To ensure protection for users, we've decided to set a reasonable default limit, as it was originally. If a user needs a larger limit, they can easily increase it to suit their needs.
The goal is to strike a balance between safety and flexibility.
WDYT?
There was a problem hiding this comment.
So, in practice it's probably fine to set a stupidly large limit when you want "unlimited", but stating clearly that it's unlimited is more clear for future readers, vs wondering why 100GB is set as a limit. It's more about communication of intent than a strict requirement I guess.
For my use case I might be uploading kind of arbitrarily large log files, but they're realistically not often going to be more than a couple GB. I am all onboard with sensible defaults, and leaving the safeties on as a default is a good idea, but for some applications it might be nice to be able to switch them off.
Since DefaultBodyLimit::disable is available in Axum I think it makes sense to allow ergonomic access to it via the middleware settings as long as it is flagged as "this is potentially a massive footgun, think before disabling" in the docs.
There was a problem hiding this comment.
@BWStearns i agree,
reverted to the first implementation
Issue: #1075
This PR addresses the issue where the Limit Payload middleware is not loaded when it is configured as false in the Loco configuration. In such cases, the application falls back to the default Axum payload limit.
To ensure consistent behavior, the middleware should always be included. If the user wishes to disable the payload size limitation, they can explicitly set the body_limit configuration to