You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2022/01/19 01:22:00 UTC

[jira] [Updated] (NIFI-9481) Exclude HTTP Site-to-Site Communication from DoS Filter

     [ https://issues.apache.org/jira/browse/NIFI-9481?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Handermann updated NIFI-9481:
-----------------------------------
    Status: Patch Available  (was: Open)

> Exclude HTTP Site-to-Site Communication from DoS Filter
> -------------------------------------------------------
>
>                 Key: NIFI-9481
>                 URL: https://issues.apache.org/jira/browse/NIFI-9481
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework, Security
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Major
>
> The Jetty Denial of Service Filter introduced in NiFi 1.12.0 applied rate limiting and processing timeouts to all HTTP requests that NiFi received through Jetty. This approach created potential problems when sending and receiving files using Site-to-Site over HTTP, prompting the introducing of configurable request timeout properties in NiFi 1.14.0.
> Although configuring a large request timeout mitigates most issues, HTTP Site-to-Site transmission with high data volumes can make it difficult to select an optimal value for the request timeout property. Excluding specific Site-to-Site HTTP REST resource methods from request timeout filtering avoids potential problems on deployments with large volumes of data or transmission over slow network links.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)