Skip to content

Commit

Permalink
Increase the maxHttpBufferSize (#6409)
Browse files Browse the repository at this point in the history
  • Loading branch information
heldersepu authored Jun 1, 2024
1 parent f1a1b6b commit 0b0d882
Show file tree
Hide file tree
Showing 6 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/frontend-admin-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ jobs:
run: "sed -i 's/\"enableAdminUITests\": false/\"enableAdminUITests\": true,\\n\"users\":{\"admin\":{\"password\":\"changeme1\",\"is_admin\":true}}/' settings.json"
-
name: increase maxHttpBufferSize
run: "sed -i 's/\"maxHttpBufferSize\": 10000/\"maxHttpBufferSize\": 10000000/' settings.json"
run: "sed -i 's/\"maxHttpBufferSize\": 50000/\"maxHttpBufferSize\": 10000000/' settings.json"
-
name: Disable import/export rate limiting
run: |
Expand Down
2 changes: 1 addition & 1 deletion doc/docker.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -510,7 +510,7 @@ For the editor container, you can also make it full width by adding `full-width-

| `SOCKETIO_MAX_HTTP_BUFFER_SIZE`
| The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks.
| `10000`
| `50000`

| `LOAD_TEST`
| Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance.
Expand Down
2 changes: 1 addition & 1 deletion doc/docker.md
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,7 @@ For the editor container, you can also make it full width by adding `full-width-
| `FOCUS_LINE_PERCENTAGE_ARROW_UP` | Percentage of viewport height to be additionally scrolled when user presses arrow up in the line of the top of the viewport. Set to 0 to let the scroll to be handled as default by Etherpad | `0` |
| `FOCUS_LINE_DURATION` | Time (in milliseconds) used to animate the scroll transition. Set to 0 to disable animation | `0` |
| `FOCUS_LINE_CARET_SCROLL` | Flag to control if it should scroll when user places the caret in the last line of the viewport | `false` |
| `SOCKETIO_MAX_HTTP_BUFFER_SIZE` | The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks. | `10000` |
| `SOCKETIO_MAX_HTTP_BUFFER_SIZE` | The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks. | `50000` |
| `LOAD_TEST` | Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance. | `false` |
| `DUMP_ON_UNCLEAN_EXIT` | Enable dumping objects preventing a clean exit of Node.js. WARNING: this has a significant performance impact. | `false` |
| `EXPOSE_VERSION` | Expose Etherpad version in the web interface and in the Server http header. Do not enable on production machines. | `false` |
Expand Down
2 changes: 1 addition & 1 deletion settings.json.docker
Original file line number Diff line number Diff line change
Expand Up @@ -544,7 +544,7 @@
* value to work properly, but increasing the value increases susceptibility
* to denial of service attacks (malicious clients can exhaust memory).
*/
"maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:10000}"
"maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:50000}"
},

/*
Expand Down
2 changes: 1 addition & 1 deletion settings.json.template
Original file line number Diff line number Diff line change
Expand Up @@ -537,7 +537,7 @@
* value to work properly, but increasing the value increases susceptibility
* to denial of service attacks (malicious clients can exhaust memory).
*/
"maxHttpBufferSize": 10000
"maxHttpBufferSize": 50000
},

/*
Expand Down
2 changes: 1 addition & 1 deletion src/node/utils/Settings.ts
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@ exports.socketIo = {
* properly, but increasing the value increases susceptibility to denial of service attacks
* (malicious clients can exhaust memory).
*/
maxHttpBufferSize: 10000,
maxHttpBufferSize: 50000,
};


Expand Down

0 comments on commit 0b0d882

Please sign in to comment.