-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Large file uploads fail when using TLS and Cowboy 2.7+ #1523
Comments
Would be good to trace the Cowboy connection process to see what it's doing. Or get a |
Hi, Here's a process info for the cowboy supervisor
Only change to the process info during the failing upload is slightly larger 'reductions'. Don't know how I could get process info for the actual connection process since the connection closes usually within 2-3 seconds. Here's an link to a Gist which has output of Observer trace of Cowboy during the failed upload. I had to remove large amount of lines, mostly binary data, from the output. |
No not If it's a crash then you're going to have a crash report. If it's "normal" then you won't. Your best bet then would be to investigate what happens in |
Should the tracing show if the connection process closes? The linked Gist only shows when the connection is spawned. Any ideas how to catch cowboy connection process termination? I'm not receiving any crash reports or other messages to log when using standard plug_cowboy with added logging. I have tried logging with plug by setting setting
I also tried using PhoenixCowboyLogging which uses |
OK I have missed the gist. You can trace for |
Hi, Here's a link to a Gist. This time it's more interesting than the previous. Here's a process info of
I did some more testing and noticed that this upload failure happens only when using HTTP/2 with TLS. Uploading large files works when client forces the use of HTTP/1.1 with TLS. |
There might have been interesting events but they have been dropped. The exit reason is OK then I suppose figuring out what |
Hi, I had to try several different settings due to the large amount of data but I finally got something interesting
This seems to be same problem as in #1497 ? I tried setting Our use-case should be able to handle large files (10-20GB) and I'm thinking if we enable large (500_000+?) values for |
I guess we should increase it again. I had increased to 10k/10s but if that's not enough then it should be increased again. Those CVEs are not super important, especially in Erlang, and it's basically impossible to get a value that works out for everyone. So I think we could increase the default to whatever works out for you. Alternatively, increasing A third solution would be to produce a warning log for these types of connection errors ( |
Okay, I think it's enough if we just set both |
I once had the a similar issue, and fixed it by setting |
Hello everyone, I am looking for feedback as to what the For |
Nginx allows 16MB (the maximum possible): https://github.com/nginx/nginx/blob/6ceef19/src/http/v2/ngx_http_v2.h#L21 and https://github.com/nginx/nginx/blob/6ceef19/src/http/v2/ngx_http_v2.c#L2758 I don't think we want to increase it that much but we can definitely use a higher default value. If we increase it to 1MB then this doesn't invalidate the CVE protection and we can still receive large files. I think I will also increase the |
OK the max frame size sent is already |
Documentation update is done. Leaving this ticket open, thanks! |
Hi,
We are experiencing failed file uploads when using TLS and Cowboy 2.7+ (2.7 - 2.9.0). Large file uploads (1GB+) will be shown as failed and stalled in Chrome and Firefox, and when using Curl, the response is curl: (56) Unexpected EOF.
Uploading smaller files about 100MB works with TLS and uploading large files works if TLS is not used. However, if we use TLS and Cowboy 2.6.3, then uploading large files works.
Test file can be generated using command
fallocate -l 10G gentoo_root.img
. Uploading the file can be done using commandcurl -F 'file=@gentoo_root.img' <URL>
.How we configure Cowboy in our Elixir project. Certificates are generated using mkcert.
We use Plug.Parser for reading the multipart file upload. Those options i.e. length and others, don't have any effect on this problem.
Versions:
Also tried with Erlang 23.3 versions and same experience.
The text was updated successfully, but these errors were encountered: