Clarify the ability of using Custom Rules to act on truncated payloads #19105

Open
wants to merge 1 commit into
base: production

Vortexmind
Contributor

As per title

@pedrosousa
Contributor

pedrosousa commented Jan 9, 2025

Hi @Vortexmind

As stated in the documentation, the (plan-dependent) maximum body size only applies to the values of Cloudflare body fields — the origin server will always receive the complete request body, without any truncation.

Truncation info is useful to understand why a given Cloudflare rule with a body field in its expression may not be triggering. For example, if a rule matches a body containing a specific string, it may not match a request if that string does not occur in the piece of the request body that is actually evaluated by Cloudflare (i.e., if it appears in the bytes that got truncated).

Since the truncation of body values in Cloudflare fields has no impact on what the origin server receives, what kind of rule would you create based on truncated body values?

@Vortexmind
Contributor Author

Hi @pedrosousa - thanks for your reply. If I am not misunderstanding, in scenarios where security is paramount I could decide to block a request if the flag shows that truncation has occurred, to avoid a scenario where the offending payload was in the part that was not analyzed. Thanks, Paolo

@pedrosousa
Contributor

Got it, thanks for clarifying. I will slightly rephrase your proposal because I had a different understanding from what I read.
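
The behaviour discussed in this thread, as an added example that is not part of the pull request or of Cloudflare's code: a small model of a body-matching rule that only sees the first bytes of a request body, evaluated with and without a fail-closed check on the truncation flag. The 64-byte limit, the `BodyFields` type, the function names and the sample bodies are all assumptions made for the demonstration; the real limit is plan-dependent.

```python
from dataclasses import dataclass

# Assumed inspection limit for this demo; the real limit is plan-dependent.
INSPECT_LIMIT = 64


@dataclass
class BodyFields:
    raw: bytes       # what a rule expression can see (at most INSPECT_LIMIT bytes)
    truncated: bool  # True when the full body was longer than the limit


def body_fields(full_body: bytes, limit: int = INSPECT_LIMIT) -> BodyFields:
    """Model the body fields: only the first `limit` bytes are exposed to rules."""
    return BodyFields(raw=full_body[:limit], truncated=len(full_body) > limit)


def evaluate(full_body: bytes, needle: bytes, block_on_truncation: bool) -> str:
    """Return the action taken for one request by a 'body contains needle' rule."""
    fields = body_fields(full_body)
    if needle in fields.raw:
        return "block:match"
    # Fail closed: the unseen remainder of the body could contain the needle.
    if block_on_truncation and fields.truncated:
        return "block:truncated"
    return "allow"


# Constructed sample bodies; "FORBIDDEN" stands in for the string a rule looks for.
NEEDLE = b"FORBIDDEN"
early = b"comment=FORBIDDEN&user=a"                # string inside the inspected bytes
late = b"comment=" + b"a" * 80 + b"FORBIDDEN"      # string lies past the limit
short_clean = b"comment=hello"                     # small body, nothing to match

if __name__ == "__main__":
    for name, body in [("early", early), ("late", late), ("short_clean", short_clean)]:
        print(f"{name:12} match-only={evaluate(body, NEEDLE, False):16} "
              f"fail-closed={evaluate(body, NEEDLE, True)}")
```

The origin still receives the full `late` body in both cases; only the fail-closed variant stops it at the edge, at the cost of also blocking every legitimate request larger than the limit.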
