[pve-devel] [PATCH access-control] fix #4074: increase API OpenID code size limit to 2048

Mira Limbeck m.limbeck at proxmox.com
Mon Jun 20 11:11:15 CEST 2022


On 6/17/22 10:42, Wolfgang Bumiller wrote:
> On Wed, Jun 15, 2022 at 04:09:50PM +0200, Mira Limbeck wrote:
>> Azure AD seems to have a variable authorization code size, depending on
>> the browser state according to one report in bug #4074 [0].
>>
>> Sometimes the size is greater than our current limit of 1024, so
>> increase it to 2048.
> Would there be any downside to just going straight to 4 or 8K here?
>
I don't think so. I just went with the usual `increase it to handle the 
current requirements` approach here.

If you prefer a higher limit then sure, I'll send a v2 with 4k or 8k.

The mentions in the bug tracker/forum post were of code sizes about 
1100-1300 in length.





More information about the pve-devel mailing list