2021-03-09 13:09:41 -05:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
module Rack
|
|
|
|
module Multipart
|
|
|
|
class << self
|
|
|
|
module MultipartPatch
|
|
|
|
def extract_multipart(req, params = Rack::Utils.default_query_parser)
|
|
|
|
log_multipart_warning(req) if log_large_multipart?
|
|
|
|
|
|
|
|
super
|
|
|
|
end
|
|
|
|
|
|
|
|
def log_multipart_warning(req)
|
|
|
|
content_length = req.content_length.to_i
|
|
|
|
|
2021-03-11 16:09:09 -05:00
|
|
|
return unless content_length > log_threshold
|
2021-03-09 13:09:41 -05:00
|
|
|
|
|
|
|
message = {
|
|
|
|
message: "Large multipart body detected",
|
|
|
|
path: req.path,
|
|
|
|
content_length: content_length,
|
|
|
|
correlation_id: ::Labkit::Context.correlation_id
|
|
|
|
}
|
|
|
|
|
|
|
|
log_warn(message)
|
|
|
|
end
|
|
|
|
|
|
|
|
def log_warn(message)
|
|
|
|
warn message.to_json
|
|
|
|
end
|
|
|
|
|
|
|
|
def log_large_multipart?
|
|
|
|
Gitlab::Utils.to_boolean(ENV['ENABLE_RACK_MULTIPART_LOGGING'], default: true) && Gitlab.com?
|
|
|
|
end
|
2021-03-11 16:09:09 -05:00
|
|
|
|
|
|
|
def log_threshold
|
|
|
|
ENV.fetch('RACK_MULTIPART_LOGGING_BYTES', 100_000_000).to_i
|
|
|
|
end
|
2021-03-09 13:09:41 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
prepend MultipartPatch
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|