OpenStack Heat

In REST API JSON API body should be size limited

Bug #1215501 reported by Clint Byrum on 2013-08-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack Heat	Fix Released	High	Liang Chen	OpenStack Heat 2013.2 "havana"

JSON costs memory and CPU to parse, so we should put a cap on the length of JSON allowed in request bodies.

A workaround for this might be to run under a proxy or even apache mod_wsgi and cap the request body length there.

Steve Baker (steve-stevebaker) on 2013-08-22

Changed in heat:
milestone:	none → havana-3

Liang Chen (cbjchen) on 2013-08-29

Changed in heat:
assignee:	nobody → Liang Chen (cbjchen)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-08-31: Fix proposed to heat (master)

Fix proposed to branch: master
Review: https://review.openstack.org/44585

Changed in heat:
status:	Triaged → In Progress

Thierry Carrez (ttx) on 2013-09-05

Changed in heat:
milestone:	havana-3 → havana-rc1

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-09-11: Fix merged to heat (master)

commit d899f8d9b745af7f9e7240389718bd3c8045a7dc
Author: Liang Chen <email address hidden>
Date: Sat Aug 31 14:53:43 2013 +0800

Impose a size limit on JSON request body

The size limit on JSON request body is to ensure the server not being
overwhelmed by extremly large JSON request body.

Change-Id: Ia58f6690e994d34212953c44821f7a4cc4c435fe

Changed in heat:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-10-03

Changed in heat:
status:	Fix Committed → Fix Released

Thierry Carrez (ttx) on 2013-10-17

Changed in heat:
milestone:	havana-rc1 → 2013.2

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Bug watches keep track of this bug in other bug trackers.