fix: add dedicated http code response upon a request with too large payload (#1019)

* fix: add dedicated http code response upon a request with too large payload

* fix error log

packages/api-gateway/bin/server.ts

@@ -43,6 +43,10 @@ void container.load().then((container) => {
   const env: Env = new Env()
   env.load()
 
+  const requestPayloadLimit = env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)
+    ? `${+env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)}mb`
+    : '50mb'
+
   const server = new InversifyExpressServer(container)
 
   server.setConfig((app) => {
@@ -73,7 +77,7 @@ void container.load().then((container) => {
       }),
     )
 
-    app.use(json({ limit: '50mb' }))
+    app.use(json({ limit: requestPayloadLimit }))
     app.use(
       text({
         type: ['text/plain', 'application/x-www-form-urlencoded', 'application/x-www-form-urlencoded; charset=utf-8'],
@@ -107,6 +111,16 @@ void container.load().then((container) => {
         }] Request body: ${JSON.stringify(request.body)}`,
       )
 
+      if ('type' in error && error.type === 'entity.too.large') {
+        response.status(413).send({
+          error: {
+            message: 'The request payload is too large.',
+          },
+        })
+
+        return
+      }
+
       response.status(500).send({
         error: {
           message:

packages/files/bin/server.ts

@@ -24,6 +24,10 @@ void container.load().then((container) => {
   const env: Env = new Env()
   env.load()
 
+  const requestPayloadLimit = env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)
+    ? `${+env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)}mb`
+    : '50mb'
+
   const server = new InversifyExpressServer(container)
 
   server.setConfig((app) => {
@@ -58,9 +62,9 @@ void container.load().then((container) => {
       }
     }))
     /* eslint-enable */
-    app.use(json({ limit: '50mb' }))
-    app.use(raw({ limit: '50mb', type: 'application/octet-stream' }))
-    app.use(urlencoded({ extended: true, limit: '50mb' }))
+    app.use(json({ limit: requestPayloadLimit }))
+    app.use(raw({ limit: requestPayloadLimit, type: 'application/octet-stream' }))
+    app.use(urlencoded({ extended: true, limit: requestPayloadLimit }))
     app.use(
       cors({
         exposedHeaders: ['Content-Range', 'Accept-Ranges'],

packages/home-server/src/Server/HomeServer.ts

@@ -53,6 +53,10 @@ export class HomeServer implements HomeServerInterface {
       const env: Env = new Env(environmentOverrides)
       env.load()
 
+      const requestPayloadLimit = env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)
+        ? `${+env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)}mb`
+        : '50mb'
+
       this.configureLoggers(env, configuration)
 
       const apiGatewayService = new ApiGatewayService(serviceContainer)
@@ -114,8 +118,8 @@ export class HomeServer implements HomeServerInterface {
           }
         }))
         /* eslint-enable */
-        app.use(json({ limit: '50mb' }))
-        app.use(raw({ limit: '50mb', type: 'application/octet-stream' }))
+        app.use(json({ limit: requestPayloadLimit }))
+        app.use(raw({ limit: requestPayloadLimit, type: 'application/octet-stream' }))
         app.use(
           text({
             type: [
@@ -160,8 +164,24 @@ export class HomeServer implements HomeServerInterface {
       const logger: winston.Logger = winston.loggers.get('home-server')
 
       server.setErrorConfig((app) => {
-        app.use((error: Record<string, unknown>, _request: Request, response: Response, _next: NextFunction) => {
-          logger.error(error.stack)
+        app.use((error: Record<string, unknown>, request: Request, response: Response, _next: NextFunction) => {
+          logger.error(`${error.stack}`, {
+            method: request.method,
+            url: request.url,
+            snjs: request.headers['x-snjs-version'],
+            application: request.headers['x-application-version'],
+            userId: response.locals.user ? response.locals.user.uuid : undefined,
+          })
+
+          if ('type' in error && error.type === 'entity.too.large') {
+            response.status(413).send({
+              error: {
+                message: 'The request payload is too large.',
+              },
+            })
+
+            return
+          }
 
           response.status(500).send({
             error: {

packages/syncing-server/bin/server.ts

@@ -32,6 +32,10 @@ void container.load().then((container) => {
   const env: Env = new Env()
   env.load()
 
+  const requestPayloadLimit = env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)
+    ? `${+env.get('HTTP_REQUEST_PAYLOAD_LIMIT_MEGABYTES', true)}mb`
+    : '50mb'
+
   const server = new InversifyExpressServer(container)
 
   server.setConfig((app) => {
@@ -61,8 +65,8 @@ void container.load().then((container) => {
       }
     }))
     /* eslint-enable */
-    app.use(json({ limit: '50mb' }))
-    app.use(urlencoded({ extended: true, limit: '50mb', parameterLimit: 5000 }))
+    app.use(json({ limit: requestPayloadLimit }))
+    app.use(urlencoded({ extended: true, limit: requestPayloadLimit, parameterLimit: 5000 }))
     app.use(cors())
   })