diff --git a/.github/workflows/frontend-admin-tests.yml b/.github/workflows/frontend-admin-tests.yml index db39de936..c422b6450 100644 --- a/.github/workflows/frontend-admin-tests.yml +++ b/.github/workflows/frontend-admin-tests.yml @@ -85,7 +85,7 @@ jobs: run: "sed -i 's/\"enableAdminUITests\": false/\"enableAdminUITests\": true,\\n\"users\":{\"admin\":{\"password\":\"changeme1\",\"is_admin\":true}}/' settings.json" - name: increase maxHttpBufferSize - run: "sed -i 's/\"maxHttpBufferSize\": 10000/\"maxHttpBufferSize\": 10000000/' settings.json" + run: "sed -i 's/\"maxHttpBufferSize\": 50000/\"maxHttpBufferSize\": 10000000/' settings.json" - name: Disable import/export rate limiting run: | diff --git a/doc/docker.adoc b/doc/docker.adoc index e26323337..ca47555fb 100644 --- a/doc/docker.adoc +++ b/doc/docker.adoc @@ -510,7 +510,7 @@ For the editor container, you can also make it full width by adding `full-width- | `SOCKETIO_MAX_HTTP_BUFFER_SIZE` | The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks. -| `10000` +| `50000` | `LOAD_TEST` | Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance. diff --git a/doc/docker.md b/doc/docker.md index 7ff037a8a..6826d239e 100644 --- a/doc/docker.md +++ b/doc/docker.md @@ -213,7 +213,7 @@ For the editor container, you can also make it full width by adding `full-width- | `FOCUS_LINE_PERCENTAGE_ARROW_UP` | Percentage of viewport height to be additionally scrolled when user presses arrow up in the line of the top of the viewport. Set to 0 to let the scroll to be handled as default by Etherpad | `0` | | `FOCUS_LINE_DURATION` | Time (in milliseconds) used to animate the scroll transition. Set to 0 to disable animation | `0` | | `FOCUS_LINE_CARET_SCROLL` | Flag to control if it should scroll when user places the caret in the last line of the viewport | `false` | -| `SOCKETIO_MAX_HTTP_BUFFER_SIZE` | The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks. | `10000` | +| `SOCKETIO_MAX_HTTP_BUFFER_SIZE` | The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks. | `50000` | | `LOAD_TEST` | Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance. | `false` | | `DUMP_ON_UNCLEAN_EXIT` | Enable dumping objects preventing a clean exit of Node.js. WARNING: this has a significant performance impact. | `false` | | `EXPOSE_VERSION` | Expose Etherpad version in the web interface and in the Server http header. Do not enable on production machines. | `false` | diff --git a/settings.json.docker b/settings.json.docker index dcfcef902..bbe96fc51 100644 --- a/settings.json.docker +++ b/settings.json.docker @@ -544,7 +544,7 @@ * value to work properly, but increasing the value increases susceptibility * to denial of service attacks (malicious clients can exhaust memory). */ - "maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:10000}" + "maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:50000}" }, /* diff --git a/settings.json.template b/settings.json.template index 9e58bad60..66bb837a1 100644 --- a/settings.json.template +++ b/settings.json.template @@ -537,7 +537,7 @@ * value to work properly, but increasing the value increases susceptibility * to denial of service attacks (malicious clients can exhaust memory). */ - "maxHttpBufferSize": 10000 + "maxHttpBufferSize": 50000 }, /* diff --git a/src/node/utils/Settings.ts b/src/node/utils/Settings.ts index e648b9c7e..4bf5f2d79 100644 --- a/src/node/utils/Settings.ts +++ b/src/node/utils/Settings.ts @@ -153,7 +153,7 @@ exports.socketIo = { * properly, but increasing the value increases susceptibility to denial of service attacks * (malicious clients can exhaust memory). */ - maxHttpBufferSize: 10000, + maxHttpBufferSize: 50000, };