)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":15197,"name":"Pierre Riteau","email":"pierre@stackhpc.com","username":"priteau","status":"StackHPC"},"change_message_id":"6bf32ec3396ce2c79aae4161c03f309a09356d8f","unresolved":true,"context_lines":[{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Fix upload image bigger than 1GB failed"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"In Apache 2.4.53 and older versions, the LimitRequestBody limit was set to unlimited. Apache changed this value in version 2.4.54. After updating to this version, users uploading large files may receive a 413 error code."},{"line_number":10,"context_line":""},{"line_number":11,"context_line":"horizon is running on apache2, and when the apache2 version is \u003e\u003d 2.4.54. the image upload will be failed if the image size is \u003e 1GB."},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"set the default size limit to 100GB。it is enough in most env."},{"line_number":14,"context_line":""}],"source_content_type":"text/x-gerrit-commit-message","patch_set":3,"id":"4ce274c1_19766e29","line":11,"range":{"start_line":9,"start_character":0,"end_line":11,"end_character":133},"updated":"2023-11-16 08:21:36.000000000","message":"Nit: could you please wrap lines to 72 characters? 
Thanks!","commit_id":"e67c2e47716db723e776fc9b4f31f4895ca6c38b"}],"/PATCHSET_LEVEL":[{"author":{"_account_id":32553,"name":"Sven Kieske","email":"sven_oss@posteo.de","username":"skieske"},"change_message_id":"a2a4efed7ff15b223a1f0ba768fae4bccf718f07","unresolved":true,"context_lines":[],"source_content_type":"","patch_set":4,"id":"fbce2c54_74aa69cd","updated":"2023-11-16 09:17:58.000000000","message":"I don\u0027t think it\u0027s good to reintroduce a DoS vuln by setting this to 100 GB.\n\nimho a lower value should be chosen and the impact should be understood.","commit_id":"47f124e719f39e06d9adbfd0679d2e80f80fe150"}],"ansible/roles/horizon/templates/horizon.conf.j2":[{"author":{"_account_id":15197,"name":"Pierre Riteau","email":"pierre@stackhpc.com","username":"priteau","status":"StackHPC"},"change_message_id":"6bf32ec3396ce2c79aae4161c03f309a09356d8f","unresolved":true,"context_lines":[{"line_number":12,"context_line":"ServerSignature Off"},{"line_number":13,"context_line":"ServerTokens Prod"},{"line_number":14,"context_line":"TraceEnable off"},{"line_number":15,"context_line":"LimitRequestBody 107374182400"},{"line_number":16,"context_line":""},{"line_number":17,"context_line":"\u003cVirtualHost {{ api_interface_address }}:{{ horizon_listen_port }}\u003e"},{"line_number":18,"context_line":"    LogLevel warn"}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"14054e61_7aafff46","line":15,"range":{"start_line":15,"start_character":0,"end_line":15,"end_character":29},"updated":"2023-11-16 08:21:36.000000000","message":"Could this provide a way for an authenticated user to perform a DoS attack against the Horizon service, by carrying multiple uploads of large images to fill up the file system?\n\nThis change may be irrelevant for master anyway, given the recent change of HORIZON_IMAGES_UPLOAD_MODE: 
https://review.opendev.org/c/openstack/kolla-ansible/+/900056","commit_id":"e67c2e47716db723e776fc9b4f31f4895ca6c38b"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"f585fb9806f9d8c6bf173e4f22da0e8230614617","unresolved":true,"context_lines":[{"line_number":12,"context_line":"ServerSignature Off"},{"line_number":13,"context_line":"ServerTokens Prod"},{"line_number":14,"context_line":"TraceEnable off"},{"line_number":15,"context_line":"LimitRequestBody 107374182400"},{"line_number":16,"context_line":""},{"line_number":17,"context_line":"\u003cVirtualHost {{ api_interface_address }}:{{ horizon_listen_port }}\u003e"},{"line_number":18,"context_line":"    LogLevel warn"}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"770fe82f_ecdf3ff7","line":15,"range":{"start_line":15,"start_character":0,"end_line":15,"end_character":29},"in_reply_to":"14054e61_7aafff46","updated":"2023-11-16 08:36:43.000000000","message":"\u003e Could this provide a way for an authenticated user to perform a DoS attack against the Horizon service, by carrying multiple uploads of large images to fill up the file system?\n\nYes, I\u0027m worried about that, too. 
Also 100 GB seems pretty random, IMO we would need to make it configurable.\n\n\u003e This change may be irrelevant for master anyway, given the recent change of HORIZON_IMAGES_UPLOAD_MODE: https://review.opendev.org/c/openstack/kolla-ansible/+/900056\n\nWell deployments could still switch the mode.","commit_id":"e67c2e47716db723e776fc9b4f31f4895ca6c38b"},{"author":{"_account_id":22629,"name":"Michal Nasiadka","email":"mnasiadka@gmail.com","username":"mnasiadka"},"change_message_id":"d9636d3168e27591d3c2b0416d0e50114f499dfc","unresolved":true,"context_lines":[{"line_number":46,"context_line":"    SSLCertificateKeyFile /etc/horizon/certs/horizon-key.pem"},{"line_number":47,"context_line":"{% endif %}"},{"line_number":48,"context_line":"{% if horizon_httpd_limitrequestbody is defined %}"},{"line_number":49,"context_line":"    LimitRequestBody {{ horizon_httpd_limitrequestbody }}"},{"line_number":50,"context_line":"{% endif %}"},{"line_number":51,"context_line":"\u003c/VirtualHost\u003e"},{"line_number":52,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":5,"id":"7632a74d_35ea42d6","line":49,"updated":"2023-11-16 09:31:48.000000000","message":"Why do you want to introduce the same thing again?","commit_id":"8b9132d53fc75998a0436807ba30ec055745b44f"}]}
