Jeremy Evans

Results 267 comments of Jeremy Evans

I agree with not over-specifying, and just keeping the truthy test. We can update the first time `rack.hijack?` is mentioned in the documentation to use `truthy` instead of `true`.

> Do you have a suggestion for the fix?

You need to wrap the related code in `DB.ignore_duplicate_queries`. For the above error, that could be done in `LoadBalancer#remove_vm`. `LoadBalancer#remove_vm_port` has...

Agreed, thanks for the follow up!

If you are using more than 4096 parameters, you need to configure a higher limit. The easiest way to do so is by setting the `RACK_QUERY_PARSER_PARAMS_LIMIT` environment variable to a...

Unfortunately, there isn't a way to fix the denial of service issue other than placing a limit on the number of parameters. On 64-bit platforms (all modern platforms really) Ruby...

Forgot to account for the `&` to separate parameters, so it's only a maximum 16x increase in process memory per request body byte. So potentially 64MB process memory required per...

My two previous comments implied that you could actually cause that much memory usage after the patch, but that isn't accurate. The reason we added the limit on the number...

If your server/middleware is putting `HTTP_CONTENT_TYPE` into the `env` hash, it is not Rack compliant and needs to be fixed: https://github.com/rack/rack/blob/main/SPEC.rdoc#label-HTTP_+Headers

If you would like to set the limits inside the app:

```ruby
Rack::Utils.default_query_parser = Rack::QueryParser.make_default(32, bytesize_limit: 4194304, params_limit: 4096)
```