router
router copied to clipboard
apollographql
Warn only mode for max http request bytes and parser tokens
Is your feature request related to a problem? Please describe.**
Router has a feature today to limit the incoming operation with various options like so
limits:
http_max_request_bytes: 2000000
parser_max_tokens: 15000
parser_max_recursion: 500
max_height: 20
max_depth: 5
warn_only: true
If I set the warn_only mode, then any operations that are to big still are supposed to pass but just log. This is true for options like max_height and max_depth but it is not true for
http_max_request_bytesparser_max_tokensparser_max_recursion
All of these options hard fail a request even if I have set warn_only: true
Describe the solution you'd like
I see two possible solutions, if these are not configurable internally to be warning options then we should maybe move them out to a different config group that does not have a warn mode, (maybe https://github.com/apollographql/router/issues/5277)
server:
http_max_request_bytes: 2000000
parser_max_tokens: 15000
parser_max_recursion: 500
limits:
max_height: 20
max_depth: 5
warn_only: true
OR
if it is possible to make this warn and not hard error we could set a warn_max and a true_max or if even possible when warn mode is on, dynamically grow the max and just log that we have done so.
Describe alternatives you've considered
I could implement this elsewhere as a coprocessor or API gateway plugin if I wanted to set lower limits and find the proper values. I could also set higher limits in Router to make sure they are never hit, but it would be much easier to know what those values were if I was logging anytime those values went above my current configured threashold
