id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 1483 client_max_body_size vs. auth_request unexpected behaviour chschmitt@… "Hi there, I configured an upload location (to use the client_body_in_file_only feature). Additionally, I am using auth_request for that location to authorize uploads. When configuring the client_max_body_size for the upload location, I noticed that I have to repeat it in the internal auth location in order to become effective, i.e. uploads exceeding the default of 1MB would fail because the size of original (but removed) request body in the auth request, is checked against the limit of the auth location. I don't know whether this is a bug. For me, it was at least unexpected behaviour because the request body for the auth request is empty. Kind regards, Christoph {{{ server { listen 80 default_server; listen [::]:80 default_server; listen 443 ssl default_server; listen [::]:443 ssl default_server; ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; root /var/www/html; index index.html index.htm; location /upload { auth_request /auth; limit_except POST { deny all; } client_body_temp_path /dev/shm/upload; client_body_in_file_only on; client_max_body_size 1000M; proxy_set_header Request-Body-File $request_body_file; proxy_set_header Content-Length """"; proxy_set_body """"; proxy_pass http://localhost:8080/upload; } location = /auth { internal; client_max_body_size 1000M; proxy_set_header Content-Length """"; proxy_set_header X-Original-URI $request_uri; proxy_set_body """"; proxy_pass http://localhost:8080/auth; } location / { proxy_pass http://localhost:8080; } } }}}" enhancement new minor nginx-module 1.13.x client_max_body_size, auth_request Linux box 4.4.0-112-generic #135-Ubuntu SMP Fri Jan 19 11:48:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux "nginx version: nginx/1.13.8 built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.5) built with OpenSSL 1.0.2g 1 Mar 2016 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie' "