Setting default max_request_id_length to 64

Setting sensible maximum size for Request ID. 64 should be enough for normal use cases but limited enough from current 16384 to not flood the logs by malicious requests. DocImpact SecurityImpact Related-to-bug: #1482301 Change-Id: I52ebf810f4699826baa2bdf91d28e24d902cf950
2015-08-06 16:33:07 +00:00 · 2015-08-06 16:33:07 +00:00 · bd593ddbe6
commit bd593ddbe6
parent 9fdc92b57b
2 changed files with 2 additions and 2 deletions
--- a/doc/source/configuring.rst
+++ b/doc/source/configuring.rst
@ -197,7 +197,7 @@ Optional. Default: The number of CPUs available will be used by default.
 Limits the maximum size of the x-openstack-request-id header which is
 logged. Affects only if context middleware is configured in pipeline.

-Optional. Default: ``0`` (Limited by max_header_line default: 16384)
+Optional. Default: ``64`` (Limited by max_header_line default: 16384)

 Configuring SSL Support
 ~~~~~~~~~~~~~~~~~~~~~~~~~
--- a/glance/api/middleware/context.py
+++ b/glance/api/middleware/context.py
@ -38,7 +38,7 @@ context_opts = [
                help=_('Allow unauthenticated users to access the API with '
                       'read-only privileges. This only applies when using '
                       'ContextMiddleware.')),
-    cfg.IntOpt('max_request_id_length', default=0,
+    cfg.IntOpt('max_request_id_length', default=64,
               help=_('Limits request ID length.')),
 ]