You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue Summary
The problem occurs with Gunicorn version 20.0.4 in the Docker image redash/redash:10.1.0.b50633. By default, this version of Gunicorn imposes strict limitations on the size of HTTP headers it accepts, which can cause issues when requests include larger-than-expected headers.
To resolve this issue, it would be necessary to update Gunicorn to version 20.1.0 or higher, where these limitations can be managed more flexibly.
Another suggestion is to modify the startup script to allow customization of header-related parameters, such as LIMIT_REQUEST_FIELDS and LIMIT_REQUEST_FIELD_SIZE. Here is the suggested script:
server() {
# Recycle gunicorn workers every n-th request. See http://docs.gunicorn.org/en/stable/settings.html#max-requests for more details.
MAX_REQUESTS=${MAX_REQUESTS:-1000}
MAX_REQUESTS_JITTER=${MAX_REQUESTS_JITTER:-100}
LIMIT_REQUEST_FIELD_SIZE=${LIMIT_REQUEST_FIELD_SIZE:-8190}
LIMIT_REQUEST_FIELDS=${LIMIT_REQUEST_FIELDS:-100}exec /usr/local/bin/gunicorn -b 0.0.0.0:5000 --name redash -w${REDASH_WEB_WORKERS:-4} redash.wsgi:app --max-requests $MAX_REQUESTS --max-requests-jitter $MAX_REQUESTS_JITTER --limit-request-field_size ${LIMIT_REQUEST_FIELD_SIZE} --limit-request-fields ${LIMIT_REQUEST_FIELDS}${EXTRA_OPTS}
}
This script sets LIMIT_REQUEST_FIELDS and LIMIT_REQUEST_FIELD_SIZE as environment variables, making it easier to adjust these parameters without rebuilding the image. It also allows adding additional options at the end of the command.
Steps to Reproduce
Use the Docker image redash/redash:10.1.0.b50633 with Gunicorn version 20.0.4.
Send a request with headers exceeding the default size limits set by Gunicorn.
Observe that the request is rejected due to header size constraints.
Expected Behavior
Gunicorn should accept larger HTTP headers or allow configurable limits without requiring an image rebuild.
Issue Summary
The problem occurs with Gunicorn version 20.0.4 in the Docker image redash/redash:10.1.0.b50633. By default, this version of Gunicorn imposes strict limitations on the size of HTTP headers it accepts, which can cause issues when requests include larger-than-expected headers.
To resolve this issue, it would be necessary to update Gunicorn to version 20.1.0 or higher, where these limitations can be managed more flexibly.
Another suggestion is to modify the startup script to allow customization of header-related parameters, such as LIMIT_REQUEST_FIELDS and LIMIT_REQUEST_FIELD_SIZE. Here is the suggested script:
This script sets LIMIT_REQUEST_FIELDS and LIMIT_REQUEST_FIELD_SIZE as environment variables, making it easier to adjust these parameters without rebuilding the image. It also allows adding additional options at the end of the command.
Steps to Reproduce
Use the Docker image redash/redash:10.1.0.b50633 with Gunicorn version 20.0.4.
Send a request with headers exceeding the default size limits set by Gunicorn.
Observe that the request is rejected due to header size constraints.
Expected Behavior
Gunicorn should accept larger HTTP headers or allow configurable limits without requiring an image rebuild.
Co-authored with @jbragagnolo
The text was updated successfully, but these errors were encountered: