diff --git a/CHANGELOG.md b/CHANGELOG.md index 1b17ff8b..7560957b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,13 +17,20 @@ and this project adheres to ## [v0.105.1] - 2021-02-24 --> +### Changed + +- Increase the HTTP API request body size limit for the `/control/access/set` + API ([#2666]). + ### Fixed +- Set the request body size limit for HTTPS reqeusts as well. - Incorrect version tag in the Docker release ([#2663]). - DNSCrypt queries weren't marked as such in logs ([#2662]). [#2662]: https://github.com/AdguardTeam/AdGuardHome/issues/2662 [#2663]: https://github.com/AdguardTeam/AdGuardHome/issues/2663 +[#2666]: https://github.com/AdguardTeam/AdGuardHome/issues/2666 diff --git a/internal/home/middlewares.go b/internal/home/middlewares.go index d530ace8..7d34f73e 100644 --- a/internal/home/middlewares.go +++ b/internal/home/middlewares.go @@ -30,7 +30,17 @@ const RequestBodySizeLimit = 64 * 1024 func limitRequestBody(h http.Handler) (limited http.Handler) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { var err error - r.Body, err = aghio.LimitReadCloser(r.Body, RequestBodySizeLimit) + + var bodySizeLimit int64 = RequestBodySizeLimit + if u := r.URL; u.Path == "/control/access/set" { + // An exception for a poorly designed API. Remove once + // the new, better API is up. + // + // See https://github.com/AdguardTeam/AdGuardHome/issues/2666. + bodySizeLimit *= 4 + } + + r.Body, err = aghio.LimitReadCloser(r.Body, bodySizeLimit) if err != nil { log.Error("limitRequestBody: %s", err) diff --git a/internal/home/web.go b/internal/home/web.go index 0048f427..cdd19aba 100644 --- a/internal/home/web.go +++ b/internal/home/web.go @@ -259,7 +259,7 @@ func (web *Web) tlsServerLoop() { RootCAs: Context.tlsRoots, CipherSuites: Context.tlsCiphers, }, - Handler: Context.mux, + Handler: withMiddlewares(Context.mux, limitRequestBody), ReadTimeout: web.conf.ReadTimeout, ReadHeaderTimeout: web.conf.ReadHeaderTimeout, WriteTimeout: web.conf.WriteTimeout,