--limit-request-line check default to MAX_REQUEST_LINE

[christfriedbalizou]

Increasing the limit request line above the MAX_REQUEST_LINE will default to MAX_REQUEST_LINE.

https://github.com/benoitc/gunicorn/blob/88fc4a43152039c28096c8ba3eeadb3fbaa4aff9/gunicorn/http/message.py#L249C9-L253C55

    # get max request line size
    self.limit_request_line = cfg.limit_request_line
    if (self.limit_request_line < 0
                or self.limit_request_line >= MAX_REQUEST_LINE):
            self.limit_request_line = MAX_REQUEST_LINE

This is an issue because the other option is to set the limit_request_line to 0 to make it unlimited. Is this configuration aimed to be 0 or less than MAX_REQUEST_LINE?

Can a higher limit be set as in Nginx? If so, I would be happy to submit a PR.

[pajod]

Linking commit https://github.com/benoitc/gunicorn/commit/d79ff999ce895e2ed0ea02aa8729e6da736dfc27 and comment https://github.com/benoitc/gunicorn/commit/b7b0979ad9fdb53d0a1287f29e78a8daa987831f#r2629719 for easier inquiry into why it was swapped around.

Imho capping both lower and upper bound are wrong, we should just respect what was configured - using a default >=8000 only if unset.

[christfriedbalizou]

Completely agree with you @pajod and I think that's what we should head for.

[benoitc]

well this has been done on purpose 12 years ago to ensure we can't receive too large lines. But I agree it should be a default now instead of beeing a hard limitation.