@Vortexmind
Contributor

As per title

@pedrosousa
Contributor

pedrosousa commented Jan 9, 2025

Hi @Vortexmind

As stated in the documentation, the (plan-dependent) maximum body size only applies to the values of Cloudflare body fields — the origin server will always receive the complete request body, without any truncation.

Truncation info is useful to understand why a given Cloudflare rule with a body field in its expression may not be triggering. For example, if a rule matches a body containing a specific string, it may not match a request if that string does not occur in the piece of the request body that is actually evaluated by Cloudflare (i.e., if it appears in the bytes that got truncated).

Since the truncation of body values in Cloudflare fields has no impact on what the origin server receives, what kind of rule would you create based on truncated body values?

@Vortexmind
Contributor Author

Hi @pedrosousa - thanks for your reply. If I am not misunderstanding, in scenarios where security is paramount I could decide to block a request if the flag shows that truncation has occurred, to avoid a scenario where the offending payload was in the part that was not analyzed. Thanks, Paolo

@pedrosousa
Contributor

Got it, thanks for clarifying. I will slightly rephrase your proposal because I had a different understanding from what I read.
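
The behaviour discussed in this exchange, as an added example that is not part of the original conversation and is not Cloudflare's code: a small simulation of a rules engine that evaluates only the first bytes of a body, with and without a fail-closed rule on the truncation flag. The 128-byte limit, the searched string, the rule ordering and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

INSPECT_LIMIT = 128            # constructed; the real limit is plan-dependent
NEEDLE = b"forbidden-token"    # constructed string a body rule looks for


@dataclass
class BodyFields:
    """What the rules engine evaluates, not what the origin receives."""
    raw: bytes       # only the first INSPECT_LIMIT bytes of the body
    truncated: bool  # True when the full body exceeded the limit


def inspect(body: bytes, limit: int = INSPECT_LIMIT) -> BodyFields:
    return BodyFields(raw=body[:limit], truncated=len(body) > limit)


def evaluate(body: bytes, block_on_truncation: bool) -> str:
    """Apply two hypothetical rules in order and return the action taken."""
    fields = inspect(body)
    if NEEDLE in fields.raw:                       # rule 1: body match
        return "block:match"
    if block_on_truncation and fields.truncated:   # rule 2: fail closed
        return "block:truncated"
    return "allow"  # the origin still receives the complete body


# Constructed sample bodies.
SAMPLES = {
    "early": b"q=" + NEEDLE,            # string inside the inspected bytes
    "late": b"a" * 200 + NEEDLE,        # string only in the truncated bytes
    "straddle": b"a" * 120 + NEEDLE,    # string cut in half by the limit
    "large_benign": b"a" * 500,         # oversized but harmless
    "small_benign": b"hello",
}


def run(block_on_truncation: bool) -> dict:
    return {name: evaluate(body, block_on_truncation)
            for name, body in SAMPLES.items()}


if __name__ == "__main__":
    for strict in (False, True):
        print(f"block_on_truncation={strict}: {run(strict)}")
```

With the fail-closed rule enabled, `large_benign` is blocked as well, which is the trade-off of blocking on truncation: every request whose body exceeds the inspected size is rejected, whatever it contains.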

Contributor

@pedrosousa pedrosousa left a comment

Added a suggested edit.

@pedrosousa pedrosousa enabled auto-merge (squash) January 10, 2025 10:57
@pedrosousa pedrosousa merged commit 59b7bae into cloudflare:production Jan 10, 2025
6 checks passed
@workers-devprod workers-devprod added the contribution [Holopin] Recognizes a docs contribution, big or small label Jan 10, 2025
@holopin-bot

holopin-bot bot commented Jan 10, 2025

Congratulations @Vortexmind, the maintainer of this repository has issued you a holobyte! Here it is: https://holopin.io/holobyte/cm5qnn7kt00660cmhqgxqzub0

This badge can only be claimed by you, so make sure that your GitHub account is linked to your Holopin account. You can manage those preferences here: https://holopin.io/account.
Or if you're new to Holopin, you can simply sign up with GitHub, which will do the trick!

@Vortexmind Vortexmind deleted the patch-clarify-truncated-request-fields-functionality branch January 10, 2025 13:32

Labels

contribution [Holopin] Recognizes a docs contribution, big or small product:waf size/xs
