Comment 22 for bug 1098307
Revision history for this message
| Dan Prince (dan-prince) wrote Re: unauthenticated POST to /tokens can fill up disk/logs | #22 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
ayoung/ttx:
Where are we logging request URL's (with verbose/debug logging disabled)?
Also, AFAIK eventlet defaults are going to cover us in terms of limiting both the request URL size and the max size of HTTP headers.
Looking at the source for Eventlets wsgi.py shows:
url_length_
MAX_HEADER_LINE = 8192
MAX_TOTAL_
----
Perhaps I've misunderstood something but if this is in fact what you are concerned about it would appear that eventlet's WSGI defaults cover us here.
----
The issue I'm talking about in this ticket is only caused by a really large request body (100 MB+) where the large data inputs go all the way to the keystone backends and only then get logged to disks.
And by doing that I am able to increase the log file size by 100MB per request at a production logging level. At that rate it isn't going to take that many requests for me to fill up a disk.