From 68f73410fcdbf43ff1c77ce9851ab985937b0b03 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=9D=9E=E6=B3=95=E6=93=8D=E4=BD=9C?= Date: Fri, 5 Sep 2025 12:23:11 +0800 Subject: [PATCH] chore: (trigger) add WEBHOOK_REQUEST_BODY_MAX_SIZE (#25217) --- api/.env.example | 3 +++ api/configs/feature/__init__.py | 12 ++++++++++++ api/controllers/trigger/webhook.py | 4 +++- api/services/webhook_service.py | 10 ++++++++++ api/tests/integration_tests/.env.example | 3 +++ docker/.env.example | 3 +++ docker/docker-compose.yaml | 1 + 7 files changed, 35 insertions(+), 1 deletion(-) diff --git a/api/.env.example b/api/.env.example index e947c5584b..d27dbab885 100644 --- a/api/.env.example +++ b/api/.env.example @@ -434,6 +434,9 @@ HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760 HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576 HTTP_REQUEST_NODE_SSL_VERIFY=True +# Webhook request configuration +WEBHOOK_REQUEST_BODY_MAX_SIZE=10485760 + # Respect X-* headers to redirect clients RESPECT_XFORWARD_HEADERS_ENABLED=false diff --git a/api/configs/feature/__init__.py b/api/configs/feature/__init__.py index 7638cd1899..13bd935769 100644 --- a/api/configs/feature/__init__.py +++ b/api/configs/feature/__init__.py @@ -147,6 +147,17 @@ class CodeExecutionSandboxConfig(BaseSettings): ) +class TriggerConfig(BaseSettings): + """ + Configuration for trigger + """ + + WEBHOOK_REQUEST_BODY_MAX_SIZE: PositiveInt = Field( + description="Maximum allowed size for webhook request bodies in bytes", + default=10485760, + ) + + class PluginConfig(BaseSettings): """ Plugin configs @@ -994,6 +1005,7 @@ class FeatureConfig( AuthConfig, # Changed from OAuthConfig to AuthConfig BillingConfig, CodeExecutionSandboxConfig, + TriggerConfig, PluginConfig, MarketplaceConfig, DataSetConfig, diff --git a/api/controllers/trigger/webhook.py b/api/controllers/trigger/webhook.py index 30d170d388..04f2d6483d 100644 --- a/api/controllers/trigger/webhook.py +++ b/api/controllers/trigger/webhook.py @@ -1,7 +1,7 @@ import logging from flask import jsonify -from werkzeug.exceptions import NotFound +from werkzeug.exceptions import NotFound, RequestEntityTooLarge from controllers.trigger import bp from services.webhook_service import WebhookService @@ -39,6 +39,8 @@ def handle_webhook(webhook_id: str): except ValueError as e: raise NotFound(str(e)) + except RequestEntityTooLarge: + raise except Exception as e: logger.exception("Webhook processing failed for %s", webhook_id) return jsonify({"error": "Internal server error", "message": str(e)}), 500 diff --git a/api/services/webhook_service.py b/api/services/webhook_service.py index 2cba935166..1d831e8d24 100644 --- a/api/services/webhook_service.py +++ b/api/services/webhook_service.py @@ -6,7 +6,9 @@ from typing import Any from flask import request from sqlalchemy import select from sqlalchemy.orm import Session +from werkzeug.exceptions import RequestEntityTooLarge +from configs import dify_config from core.file.models import FileTransferMethod from core.tools.tool_file_manager import ToolFileManager from core.variables.types import SegmentType @@ -74,6 +76,14 @@ class WebhookService: @classmethod def extract_webhook_data(cls, webhook_trigger: WorkflowWebhookTrigger) -> dict[str, Any]: """Extract and process data from incoming webhook request.""" + + content_length = request.content_length + if content_length and content_length > dify_config.WEBHOOK_REQUEST_BODY_MAX_SIZE: + raise RequestEntityTooLarge( + f"Webhook request too large: {content_length} bytes exceeds maximum allowed size \ + of {dify_config.WEBHOOK_REQUEST_BODY_MAX_SIZE} bytes" + ) + data = { "method": request.method, "headers": dict(request.headers), diff --git a/api/tests/integration_tests/.env.example b/api/tests/integration_tests/.env.example index 2e98dec964..0e07ff2183 100644 --- a/api/tests/integration_tests/.env.example +++ b/api/tests/integration_tests/.env.example @@ -144,6 +144,9 @@ HTTP_REQUEST_MAX_WRITE_TIMEOUT=600 HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760 HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576 +# Webhook configuration +WEBHOOK_REQUEST_BODY_MAX_SIZE=10485760 + # Respect X-* headers to redirect clients RESPECT_XFORWARD_HEADERS_ENABLED=false diff --git a/docker/.env.example b/docker/.env.example index 96ad09ab99..1144339fa1 100644 --- a/docker/.env.example +++ b/docker/.env.example @@ -908,6 +908,9 @@ HTTP_REQUEST_NODE_MAX_BINARY_SIZE=10485760 HTTP_REQUEST_NODE_MAX_TEXT_SIZE=1048576 HTTP_REQUEST_NODE_SSL_VERIFY=True +# Webhook request configuration +WEBHOOK_REQUEST_BODY_MAX_SIZE=10485760 + # Respect X-* headers to redirect clients RESPECT_XFORWARD_HEADERS_ENABLED=false diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml index bd668be17f..7d5132794e 100644 --- a/docker/docker-compose.yaml +++ b/docker/docker-compose.yaml @@ -405,6 +405,7 @@ x-shared-env: &shared-api-worker-env HTTP_REQUEST_NODE_MAX_BINARY_SIZE: ${HTTP_REQUEST_NODE_MAX_BINARY_SIZE:-10485760} HTTP_REQUEST_NODE_MAX_TEXT_SIZE: ${HTTP_REQUEST_NODE_MAX_TEXT_SIZE:-1048576} HTTP_REQUEST_NODE_SSL_VERIFY: ${HTTP_REQUEST_NODE_SSL_VERIFY:-True} + WEBHOOK_REQUEST_BODY_MAX_SIZE: ${WEBHOOK_REQUEST_BODY_MAX_SIZE:-10485760} RESPECT_XFORWARD_HEADERS_ENABLED: ${RESPECT_XFORWARD_HEADERS_ENABLED:-false} SSRF_PROXY_HTTP_URL: ${SSRF_PROXY_HTTP_URL:-http://ssrf_proxy:3128} SSRF_PROXY_HTTPS_URL: ${SSRF_PROXY_HTTPS_URL:-http://ssrf_proxy:3128}