chore: (trigger) add WEBHOOK_REQUEST_BODY_MAX_SIZE (#25217)

api/.env.example

@@ -434,6 +434,9 @@ HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760
 HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576
 HTTP_REQUEST_NODE_SSL_VERIFY=True
 
+# Webhook request configuration
+WEBHOOK_REQUEST_BODY_MAX_SIZE=10485760
+
 # Respect X-* headers to redirect clients
 RESPECT_XFORWARD_HEADERS_ENABLED=false
 

api/configs/feature/__init__.py

@@ -147,6 +147,17 @@ class CodeExecutionSandboxConfig(BaseSettings):
     )
 
 
+class TriggerConfig(BaseSettings):
+    """
+    Configuration for trigger
+    """
+
+    WEBHOOK_REQUEST_BODY_MAX_SIZE: PositiveInt = Field(
+        description="Maximum allowed size for webhook request bodies in bytes",
+        default=10485760,
+    )
+
+
 class PluginConfig(BaseSettings):
     """
     Plugin configs
@@ -994,6 +1005,7 @@ class FeatureConfig(
     AuthConfig,  # Changed from OAuthConfig to AuthConfig
     BillingConfig,
     CodeExecutionSandboxConfig,
+    TriggerConfig,
     PluginConfig,
     MarketplaceConfig,
     DataSetConfig,

api/controllers/trigger/webhook.py

@@ -1,7 +1,7 @@
 import logging
 
 from flask import jsonify
-from werkzeug.exceptions import NotFound
+from werkzeug.exceptions import NotFound, RequestEntityTooLarge
 
 from controllers.trigger import bp
 from services.webhook_service import WebhookService
@@ -39,6 +39,8 @@ def handle_webhook(webhook_id: str):
 
     except ValueError as e:
         raise NotFound(str(e))
+    except RequestEntityTooLarge:
+        raise
     except Exception as e:
         logger.exception("Webhook processing failed for %s", webhook_id)
         return jsonify({"error": "Internal server error", "message": str(e)}), 500

api/services/webhook_service.py

@@ -6,7 +6,9 @@ from typing import Any
 from flask import request
 from sqlalchemy import select
 from sqlalchemy.orm import Session
+from werkzeug.exceptions import RequestEntityTooLarge
 
+from configs import dify_config
 from core.file.models import FileTransferMethod
 from core.tools.tool_file_manager import ToolFileManager
 from core.variables.types import SegmentType
@@ -74,6 +76,14 @@ class WebhookService:
     @classmethod
     def extract_webhook_data(cls, webhook_trigger: WorkflowWebhookTrigger) -> dict[str, Any]:
         """Extract and process data from incoming webhook request."""
+
+        content_length = request.content_length
+        if content_length and content_length > dify_config.WEBHOOK_REQUEST_BODY_MAX_SIZE:
+            raise RequestEntityTooLarge(
+                f"Webhook request too large: {content_length} bytes exceeds maximum allowed size \
+                    of {dify_config.WEBHOOK_REQUEST_BODY_MAX_SIZE} bytes"
+            )
+
         data = {
             "method": request.method,
             "headers": dict(request.headers),

api/tests/integration_tests/.env.example

@@ -144,6 +144,9 @@ HTTP_REQUEST_MAX_WRITE_TIMEOUT=600
 HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760
 HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576
 
+# Webhook configuration
+WEBHOOK_REQUEST_BODY_MAX_SIZE=10485760
+
 # Respect X-* headers to redirect clients
 RESPECT_XFORWARD_HEADERS_ENABLED=false
 

docker/.env.example

@@ -908,6 +908,9 @@ HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760
 HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576
 HTTP_REQUEST_NODE_SSL_VERIFY=True
 
+# Webhook request configuration
+WEBHOOK_REQUEST_BODY_MAX_SIZE=10485760
+
 # Respect X-* headers to redirect clients
 RESPECT_XFORWARD_HEADERS_ENABLED=false
 

docker/docker-compose.yaml

@@ -405,6 +405,7 @@ x-shared-env: &shared-api-worker-env
   HTTP_REQUEST_NODE_MAX_BINARY_SIZE: ${HTTP_REQUEST_NODE_MAX_BINARY_SIZE:-10485760}
   HTTP_REQUEST_NODE_MAX_TEXT_SIZE: ${HTTP_REQUEST_NODE_MAX_TEXT_SIZE:-1048576}
   HTTP_REQUEST_NODE_SSL_VERIFY: ${HTTP_REQUEST_NODE_SSL_VERIFY:-True}
+  WEBHOOK_REQUEST_BODY_MAX_SIZE: ${WEBHOOK_REQUEST_BODY_MAX_SIZE:-10485760}
   RESPECT_XFORWARD_HEADERS_ENABLED: ${RESPECT_XFORWARD_HEADERS_ENABLED:-false}
   SSRF_PROXY_HTTP_URL: ${SSRF_PROXY_HTTP_URL:-http://ssrf_proxy:3128}
   SSRF_PROXY_HTTPS_URL: ${SSRF_PROXY_HTTPS_URL:-http://ssrf_proxy:3128}