Documentation
¶
Overview ¶
Package decoding implements the configuration side of the upgraded gzip decompression framework. The original work only enabled gzip decoding for a few endpoints-- here we enable if for all of OPA. Additionally, we provide some new defensive configuration options: max_length, and gzip.max_length. These allow rejecting requests that indicate their contents are larger than the size limits.
The request handling pipeline now looks roughly like this:
Request -> MaxBytesReader(Config.MaxLength) -> ir.CopyN(dest, req, Gzip.MaxLength)
The intent behind this design is to improve how OPA handles large and/or malicious requests, compressed or otherwise. The benefit of being a little more strict in what we allow is that we can now use "riskier", but dramatically more performant techniques, like preallocating content buffers for gzipped data. This also should help OPAs in limited memory situations.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
MaxLength *int64 `json:"max_length,omitempty"` // maximum request size that will be read, regardless of compression.
Gzip *Gzip `json:"gzip,omitempty"`
}
Config represents the configuration for the Server.Decoding settings
type ConfigBuilder ¶
type ConfigBuilder struct {
// contains filtered or unexported fields
}
ConfigBuilder assists in the construction of the plugin configuration.
func NewConfigBuilder ¶
func NewConfigBuilder() *ConfigBuilder
NewConfigBuilder returns a new ConfigBuilder to build and parse the server config
func (*ConfigBuilder) Parse ¶
func (b *ConfigBuilder) Parse() (*Config, error)
Parse returns a valid Config object with defaults injected.
func (*ConfigBuilder) WithBytes ¶
func (b *ConfigBuilder) WithBytes(config []byte) *ConfigBuilder
WithBytes sets the raw server config
Source Files