Merge branch 'sh-lower-multipart-log-threshold' into 'master'

Lower multipart log threshold from 500 MB to 100 MB See merge request gitlab-org/gitlab!56390

Merge branch 'sh-lower-multipart-log-threshold' into 'master'
Lower multipart log threshold from 500 MB to 100 MB See merge request gitlab-org/gitlab!56390
da75cd82 · Robert Speicher · 6fffce07 · 554c583e · da75cd82 · da75cd82
Commit da75cd82 authored Mar 11, 2021 by Robert Speicher
Showing with 36 additions and 14 deletions

config/initializers/rack_multipart_patch.rb config/initializers/rack_multipart_patch.rb +5 -1

spec/initializers/rack_multipart_patch_spec.rb spec/initializers/rack_multipart_patch_spec.rb +31 -13

No files found.
--- a/config/initializers/rack_multipart_patch.rb
+++ b/config/initializers/rack_multipart_patch.rb
@@ -13,7 +13,7 @@ module Rack
        def log_multipart_warning(req)
          content_length = req.content_length.to_i
-          return unless content_length > 500_000_000
+          return unless content_length > log_threshold
          message = {
            message: "Large multipart body detected",
@@ -32,6 +32,10 @@ module Rack
        def log_large_multipart?
          Gitlab::Utils.to_boolean(ENV['ENABLE_RACK_MULTIPART_LOGGING'], default: true) && Gitlab.com?
        end
+        def log_threshold
+          ENV.fetch('RACK_MULTIPART_LOGGING_BYTES', 100_000_000).to_i
+        end
      end
      prepend MultipartPatch

--- a/spec/initializers/rack_multipart_patch_spec.rb
+++ b/spec/initializers/rack_multipart_patch_spec.rb
@@ -42,20 +42,38 @@ EOF
  end
  context 'with Content-Length over the limit' do
-    it 'extracts multipart message' do
+    shared_examples 'logs multipart message' do
-      env = Rack::MockRequest.env_for("/", multipart_fixture(:text, 500_000_001))
+      it 'extracts multipart message' do
+        env = Rack::MockRequest.env_for("/", multipart_fixture(:text, length))
-      expect(described_class).to receive(:log_large_multipart?).and_return(true)
-      expect(described_class).to receive(:log_multipart_warning).and_call_original
-      expect(described_class).to receive(:log_warn).with({
-                                                           message: 'Large multipart body detected',
-                                                           path: '/',
-                                                           content_length: anything,
-                                                           correlation_id: anything
-                                                         })
-      params = described_class.parse_multipart(env)
-      expect(params.keys).to include(*%w(reply fileupload))
+        expect(described_class).to receive(:log_large_multipart?).and_return(true)
+        expect(described_class).to receive(:log_multipart_warning).and_call_original
+        expect(described_class).to receive(:log_warn).with({
+                                                             message: 'Large multipart body detected',
+                                                             path: '/',
+                                                             content_length: anything,
+                                                             correlation_id: anything
+                                                           })
+        params = described_class.parse_multipart(env)
+        expect(params.keys).to include(*%w(reply fileupload))
+      end
+    end
+    context 'from environment' do
+      let(:length) { 1001 }
+      before do
+        stub_env('RACK_MULTIPART_LOGGING_BYTES', 1000)
+      end
+      it_behaves_like 'logs multipart message'
+    end
+    context 'default limit' do
+      let(:length) { 100_000_001 }
+      it_behaves_like 'logs multipart message'
    end
  end
 end