fix(web): Allow configuration of read-buffer-size (#675)

This fixes the `431 Request Header Fields Too Large` error By default, the read-buffer-size is 8192, up from fiber's default of 4096. Fixes #674 Fixes #636 Supersedes #637 Supersedes #663
2024-02-07 18:54:30 -05:00
parent 3d1b4e566d
commit 2a623a59d3
4 changed files with 157 additions and 80 deletions
--- a/config/web/web.go
+++ b/config/web/web.go
@ -13,10 +13,16 @@ const (

 	// DefaultPort is the default port the application will listen on
 	DefaultPort = 8080
+
+	// DefaultReadBufferSize is the default value for ReadBufferSize
+	DefaultReadBufferSize = 8192
+
+	// MinimumReadBufferSize is the minimum value for ReadBufferSize, and also the default value set
+	// for fiber.Config.ReadBufferSize
+	MinimumReadBufferSize = 4096
 )

-// Config is the structure which supports the configuration of the endpoint
-// which provides access to the web frontend
+// Config is the structure which supports the configuration of the server listening to requests
 type Config struct {
 	// Address to listen on (defaults to 0.0.0.0 specified by DefaultAddress)
 	Address string `yaml:"address"`
@ -24,6 +30,14 @@ type Config struct {
 	// Port to listen on (default to 8080 specified by DefaultPort)
 	Port int `yaml:"port"`

+	// ReadBufferSize sets fiber.Config.ReadBufferSize, which is the buffer size for reading requests coming from a
+	// single connection and also acts as a limit for the maximum header size.
+	//
+	// If you're getting occasional "Request Header Fields Too Large", you may want to try increasing this value.
+	//
+	// Defaults to DefaultReadBufferSize
+	ReadBufferSize int `yaml:"read-buffer-size,omitempty"`
+
 	// TLS configuration (optional)
 	TLS *TLSConfig `yaml:"tls,omitempty"`
 }
@ -38,7 +52,11 @@ type TLSConfig struct {

 // GetDefaultConfig returns a Config struct with the default values
 func GetDefaultConfig() *Config {
-	return &Config{Address: DefaultAddress, Port: DefaultPort}
+	return &Config{
+		Address:        DefaultAddress,
+		Port:           DefaultPort,
+		ReadBufferSize: DefaultReadBufferSize,
+	}
 }

 // ValidateAndSetDefaults validates the web configuration and sets the default values if necessary.
@ -53,6 +71,12 @@ func (web *Config) ValidateAndSetDefaults() error {
 	} else if web.Port < 0 || web.Port > math.MaxUint16 {
 		return fmt.Errorf("invalid port: value should be between %d and %d", 0, math.MaxUint16)
 	}
+	// Validate ReadBufferSize
+	if web.ReadBufferSize == 0 {
+		web.ReadBufferSize = DefaultReadBufferSize // Not set? Use the default value.
+	} else if web.ReadBufferSize < MinimumReadBufferSize {
+		web.ReadBufferSize = MinimumReadBufferSize // Below the minimum? Use the minimum value.
+	}
 	// Try to load the TLS certificates
 	if web.TLS != nil {
 		if err := web.TLS.isValid(); err != nil {
--- a/config/web/web_test.go
+++ b/config/web/web_test.go
@ -12,6 +12,9 @@ func TestGetDefaultConfig(t *testing.T) {
 	if defaultConfig.Address != DefaultAddress {
 		t.Error("expected default config to have the default address")
 	}
+	if defaultConfig.ReadBufferSize != DefaultReadBufferSize {
+		t.Error("expected default config to have the default read buffer size")
+	}
 	if defaultConfig.TLS != nil {
 		t.Error("expected default config to have TLS disabled")
 	}
@ -19,18 +22,20 @@ func TestGetDefaultConfig(t *testing.T) {

 func TestConfig_ValidateAndSetDefaults(t *testing.T) {
 	scenarios := []struct {
-		name            string
-		cfg             *Config
-		expectedAddress string
-		expectedPort    int
-		expectedErr     bool
+		name                   string
+		cfg                    *Config
+		expectedAddress        string
+		expectedPort           int
+		expectedReadBufferSize int
+		expectedErr            bool
 	}{
 		{
-			name:            "no-explicit-config",
-			cfg:             &Config{},
-			expectedAddress: "0.0.0.0",
-			expectedPort:    8080,
-			expectedErr:     false,
+			name:                   "no-explicit-config",
+			cfg:                    &Config{},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: 8192,
+			expectedErr:            false,
 		},
 		{
 			name:        "invalid-port",
@ -38,25 +43,52 @@ func TestConfig_ValidateAndSetDefaults(t *testing.T) {
 			expectedErr: true,
 		},
 		{
-			name:            "with-good-tls-config",
-			cfg:             &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
-			expectedAddress: "0.0.0.0",
-			expectedPort:    443,
-			expectedErr:     false,
+			name:                   "read-buffer-size-below-minimum",
+			cfg:                    &Config{ReadBufferSize: 1024},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: MinimumReadBufferSize, // minimum is 4096, default is 8192.
+			expectedErr:            false,
 		},
 		{
-			name:            "with-bad-tls-config",
-			cfg:             &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "../../testdata/badcert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
-			expectedAddress: "0.0.0.0",
-			expectedPort:    443,
-			expectedErr:     true,
+			name:                   "read-buffer-size-at-minimum",
+			cfg:                    &Config{ReadBufferSize: MinimumReadBufferSize},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: 4096,
+			expectedErr:            false,
 		},
 		{
-			name:            "with-partial-tls-config",
-			cfg:             &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "", PrivateKeyFile: "../../testdata/cert.key"}},
-			expectedAddress: "0.0.0.0",
-			expectedPort:    443,
-			expectedErr:     true,
+			name:                   "custom-read-buffer-size",
+			cfg:                    &Config{ReadBufferSize: 65536},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           8080,
+			expectedReadBufferSize: 65536,
+			expectedErr:            false,
+		},
+		{
+			name:                   "with-good-tls-config",
+			cfg:                    &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "../../testdata/cert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           443,
+			expectedReadBufferSize: 8192,
+			expectedErr:            false,
+		},
+		{
+			name:                   "with-bad-tls-config",
+			cfg:                    &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "../../testdata/badcert.pem", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           443,
+			expectedReadBufferSize: 8192,
+			expectedErr:            true,
+		},
+		{
+			name:                   "with-partial-tls-config",
+			cfg:                    &Config{Port: 443, TLS: &TLSConfig{CertificateFile: "", PrivateKeyFile: "../../testdata/cert.key"}},
+			expectedAddress:        "0.0.0.0",
+			expectedPort:           443,
+			expectedReadBufferSize: 8192,
+			expectedErr:            true,
 		},
 	}
 	for _, scenario := range scenarios {
@ -68,10 +100,13 @@ func TestConfig_ValidateAndSetDefaults(t *testing.T) {
 			}
 			if !scenario.expectedErr {
 				if scenario.cfg.Port != scenario.expectedPort {
-					t.Errorf("expected port to be %d, got %d", scenario.expectedPort, scenario.cfg.Port)
+					t.Errorf("expected Port to be %d, got %d", scenario.expectedPort, scenario.cfg.Port)
+				}
+				if scenario.cfg.ReadBufferSize != scenario.expectedReadBufferSize {
+					t.Errorf("expected ReadBufferSize to be %d, got %d", scenario.expectedReadBufferSize, scenario.cfg.ReadBufferSize)
 				}
 				if scenario.cfg.Address != scenario.expectedAddress {
-					t.Errorf("expected address to be %s, got %s", scenario.expectedAddress, scenario.cfg.Address)
+					t.Errorf("expected Address to be %s, got %s", scenario.expectedAddress, scenario.cfg.Address)
 				}
 			}
 		})