Large 'include' argument can cause '502 Bad Gateway' server error

[danielbachhuber]

To test #11524, I assigned 201 tags to my post with:

wp term generate post_tag --count=200
wp term list post_tag --field=id | xargs -I % wp post term add 75 post_tag % --by=id

When I loaded the post in Gutenberg, I saw this 502 Bad Gateway error:

My educated hypothesis is that the error originates from the large include set; include gets translated to a very long query string which the server can't handle.

One idea is to introduce some middleware that gracefully batches a request with large include into multiple requests. However, this middleware would need to be sensitive to the order and orderby values too.

[dd32]

Bad Gateway could also mean that it's PHP which has rejected the request (depending on how you've got the dev environment setup)

Apache and nginx would usually respond with a 414 Request-URI Too Large at (by default) ~4k or ~8k characters, but would probably be much lower in real-world production cases.

https://core.trac.wordpress.org/ticket/22757 also comes into play, where certain setups (suhosin) can limit individual query string lengths, core uses 128char as a safe value, as 512 characters is the default suhosin.get.max_value_length value.

[dd32]

Looking at the included image, I'm thinking this is indeed a security extension limitation (or imitation of it) as the include string there (assuming 3-digit term id's) would be (100*3)+(99*3)=597 characters long (3 digit term ID + 3 character encoded comma).

If you were to take the core direction and limit it at 128char, with the above scenario you'd only be able to request 21 terms at once ((21*3)+(20*3)=123), or 85 terms at a 512char limit ((85*3)+(84*3)=507, and even less once you account for 4-digit term id's.

[paaljoachim]

Hey Daniel @danielbachhuber and Dion @dd32 Please retest this issue with the newest version of WordPress and Gutenberg plugin to see if this is still an issue that needs to be fixed. Thanks! How can we move it forward?

[watsefack]

Any news on this? Crazy that this error still exists and there is no solution?

[markhowellsmead]

This issue is still relevant. PHP and server settings don't seem to be the problem, as I have the following configuration: max_input_vars=4000, memory_limit=256M, post_max_size=1000M.