encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs
Impact The length of URIs and the various parts (eg path segments, query parameters) is usually limited by the webserver processing the incoming request. In the case of Puma the defaults are : path segment length: 8192 Max URI length: 1024 * 12 Max query length: 1024 * 10 See https://github.com/puma/puma/blob/master/docs/compile_options.md If too long Puma raises: Puma caught this error: HTTP element REQUEST_PATH is longer than the (8192) allowed length …