Skip to content

feat: bound request and response body buffering in plugins#13705

Open
shreemaan-abhishek wants to merge 1 commit into
apache:masterfrom
shreemaan-abhishek:feat/plugin-body-size-bounds
Open

feat: bound request and response body buffering in plugins#13705
shreemaan-abhishek wants to merge 1 commit into
apache:masterfrom
shreemaan-abhishek:feat/plugin-body-size-bounds

Conversation

@shreemaan-abhishek

Copy link
Copy Markdown
Contributor

Description

Several plugins read the request or response body fully into worker memory without a plugin-local size limit, relying entirely on the gateway-wide client_max_body_size (which defaults to 0, i.e. unlimited). This adds an explicit, configurable bound to those plugins, matching the max_req_body_size field already present in forward-auth and hmac-auth.

  • max_req_body_size (default 64MiB) added to plugins that buffer the request body: request-validation, oas-validator, authz-keycloak, degraphql, grpc-web, cas-auth, openwhisk, http-dubbo, the serverless plugins (aws-lambda, azure-functions, openfunction), body-transformer, and the AI plugins ai-prompt-guard, ai-prompt-decorator, ai-prompt-template, ai-request-rewrite. Requests whose body exceeds the limit are rejected.
  • max_resp_body_size (default 64MiB) added to plugins that buffer the response body: response-rewrite, body-transformer, proxy-cache (memory strategy), grpc-transcode. Larger responses are truncated; proxy-cache streams them through uncached to avoid caching a truncated body.

Both fields reuse the existing core.request.get_body(max_size) / core.response.hold_body_chunk(..., max_resp_body_bytes) primitives.

Which issue(s) this PR fixes:

Fixes #

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change
  • I have verified that this change is backward compatible

Add max_req_body_size to plugins that read the request body into memory
(request-validation, oas-validator, authz-keycloak, degraphql, grpc-web,
cas-auth, openwhisk, http-dubbo, serverless, body-transformer, and the
ai-prompt-*/ai-request-rewrite plugins) and max_resp_body_size to plugins
that buffer the response body (response-rewrite, body-transformer,
proxy-cache, grpc-transcode), matching the existing bound in forward-auth
and hmac-auth. Both default to 64MiB.
@dosubot dosubot Bot added size:L This PR changes 100-499 lines, ignoring generated files. doc Documentation things enhancement New feature or request labels Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

doc Documentation things enhancement New feature or request size:L This PR changes 100-499 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant