Feature Request: Limit user info
We use this config for several ingress configurations:
# traefik ingress
ingress.kubernetes.io/auth-type: forward
ingress.kubernetes.io/auth-url: "https://eas.example.com/verify?config_token=CONFIG_TOKEN_HERE"
ingress.kubernetes.io/auth-response-headers: X-Userinfo, X-Id-Token, X-Access-Token, Authorization
Recently we got these kinds of error messages from nginx and Apache servers:
400 Bad Request
Request Header Or Cookie Too Large
nginx/1.17.7
It turns out that users who belong to several GitHub organisations have a lot of data in the user info part. From my point of view it would be great to get a limited info block which would contain the login name, user ID, email address, MFA,
I checked the headers and the userinfo part alone is about 4k bytes for my user…
Issue Analytics
- State:
- Created 4 years ago
- Comments:9 (9 by maintainers)

It’s not always easy to do. For example, in Istio/Envoy it’s the so-called ext_authz plugin, and you don’t have much control over headers in the “inner” cycle (envoy <-> ext_authz service), yet you do have control over the “outer” cycle (client <-> envoy <-> ext_authz service <-> envoy <-> destination). So you have to strip unneeded headers before they hit the destination, which you can easily forget to do. And you can’t decline the cookie header (which is almost always the source of the problems with header size limits) on entering your ingress, because eas is actually using it.
So I would like to see this feature added as well.
BTW, eas itself suffers from the same workflow. If you hit eas with a big header (for example cookie > 4Kb) it will return HTTP error 400, because node has a default limit for header size of 4Kb. But it could be easily fixed with the environment variable NODE_OPTIONS=--max-http-header-size=61440 https://github.com/travisghansen/external-auth-server/commit/dcf8f24fccaa7cf17cfdd7dc6d005b7e54636c1b
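
Sizing the forwarded identity headers and trimming the userinfo value to an allow-list, as discussed in this thread. This is an added example, not part of the issue and not external-auth-server code. It assumes X-Userinfo carries a JSON object; the claim names, the sample data and the 4096-byte budget are assumptions.

```javascript
// Added example (not eas code). X-Userinfo comes from the issue's
// auth-response-headers line; claim names and the budget are assumptions.
const ALLOWED_CLAIMS = ["login", "id", "email", "two_factor_authentication"];

// Bytes one header occupies on the wire: "Name: value\r\n".
function headerBytes(name, value) {
  return Buffer.byteLength(`${name}: ${value}\r\n`, "utf8");
}

// Keep only allow-listed claims from a JSON userinfo header value.
function trimUserinfo(rawJson, allowed = ALLOWED_CLAIMS) {
  const full = JSON.parse(rawJson);
  const slim = {};
  for (const key of allowed) {
    if (Object.prototype.hasOwnProperty.call(full, key)) slim[key] = full[key];
  }
  return JSON.stringify(slim);
}

// Per-header sizes, largest first, and whether the total fits the budget.
function auditHeaders(headers, budgetBytes) {
  const sizes = Object.entries(headers)
    .map(([name, value]) => ({ name, bytes: headerBytes(name, value) }))
    .sort((a, b) => b.bytes - a.bytes);
  const total = sizes.reduce((sum, h) => sum + h.bytes, 0);
  return { total, overBudget: total > budgetBytes, sizes };
}

// Constructed sample: a user who belongs to 40 organisations.
function sampleUserinfo() {
  const orgs = Array.from({ length: 40 }, (_, i) => ({
    login: `org-${i}`, id: 1000 + i,
    url: `https://api.github.example/orgs/org-${i}`,
    description: "constructed organisation entry used only for sizing",
  }));
  return JSON.stringify({
    login: "alice", id: 42, email: "alice@example.com",
    two_factor_authentication: true, organizations: orgs,
  });
}

const BUDGET = 4096; // assumed upstream limit; use your server's real value
const fullHeaders = { "X-Userinfo": sampleUserinfo(), Cookie: "session=" + "a".repeat(1500) };
const slimHeaders = { ...fullHeaders, "X-Userinfo": trimUserinfo(fullHeaders["X-Userinfo"]) };
console.log(auditHeaders(fullHeaders, BUDGET));
console.log(auditHeaders(slimHeaders, BUDGET));
```

The sorted `sizes` list shows which header to trim or strip first; in the constructed sample the untrimmed X-Userinfo alone exceeds the budget, while the cookie does not.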