Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doing HTTP response string truncation manually to support backports #872

Closed
wants to merge 1 commit into from
Closed

doing HTTP response string truncation manually to support backports #872

wants to merge 1 commit into from

Conversation

toepkerd
Copy link
Contributor

@toepkerd toepkerd commented Feb 23, 2024
edited
Loading

Description

Instead of leaving HTTP response string truncation to apache.hc.core5's toString(), which comes with a max string length argument, we do the truncation manually to support backports since previous versions don't use apache.hc.core5.

Issues Resolved

N/A

Check List

  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@toepkerd toepkerd marked this pull request as ready for review February 23, 2024 23:55
Hailong-am
Hailong-am reviewed Feb 28, 2024
View reviewed changes
...tions/core/src/main/kotlin/org/opensearch/notifications/core/client/DestinationHttpClient.kt
var responseString = EntityUtils.toString(entity)
if (responseString.length > (PluginSettings.maxHttpResponseSize / 2)) { // Java char is 2 bytes
responseString = responseString.substring(0, PluginSettings.maxHttpResponseSize / 2)
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we read the response fully, could that prevent the DDos? e.g. if the response have 1T, we still read them all into memory. Could be better to mimic the logic in EntityUtils in http5

@toepkerd toepkerd closed this Mar 14, 2024
@toepkerd toepkerd deleted the backport-dev branch March 14, 2024 23:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Hailong-am Hailong-am Hailong-am left review comments

@xluo-aws xluo-aws Awaiting requested review from xluo-aws xluo-aws is a code owner

@gaobinlong gaobinlong Awaiting requested review from gaobinlong gaobinlong is a code owner

@SuZhou-Joe SuZhou-Joe Awaiting requested review from SuZhou-Joe SuZhou-Joe is a code owner

@zhichao-aws zhichao-aws Awaiting requested review from zhichao-aws zhichao-aws is a code owner

@yuye-aws yuye-aws Awaiting requested review from yuye-aws yuye-aws is a code owner

@zhongnansu zhongnansu Awaiting requested review from zhongnansu zhongnansu is a code owner

@sbcd90 sbcd90 Awaiting requested review from sbcd90 sbcd90 is a code owner

@praveensameneni praveensameneni Awaiting requested review from praveensameneni praveensameneni is a code owner

@amsiglan amsiglan Awaiting requested review from amsiglan amsiglan is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@toepkerd @Hailong-am @toepkerd-zz