更新时间:2023-02-07 18:04:47
存在一个已知问题,即某些最新版本的节点(或其他一些网络服务器)的标头最大容量为 8KB.
There is a known issue where some recent versions of node (or some other webservers) has a maximum capacity of 8KB for headers.
当您启用 EasyAuth 时,它会在请求中添加一些较大的标头.
When you enable EasyAuth, it adds some large headers to the request.
要克服这个问题,您可以使用以下两种解决方案中的一种:
To overcome this, you can use on of the 2 solutions:
1.使用 WEBSITE_AUTH_DISABLE_IDENTITY_FLOW
应用设置
1. Use WEBSITE_AUTH_DISABLE_IDENTITY_FLOW
App Settings
当此变量设置为 true
时,它会禁用分配线程主体身份,这将删除添加到请求中的最大标头之一 X-MS-CLIENT-PRINCIPAL
,通常由 .NET Framework 和 Function 应用程序使用.
When this variable is set to true
it disables assigning the thread principal identity, which will remove one of the largest headers added to the request X-MS-CLIENT-PRINCIPAL
, which is generally used by .NET Framework and Function apps.
但是,它包含与 id_token 相同的声明.一个 Base64 编码的 JSON 对象,我们可以对其进行解码以获取信息.如果您想直接访问 id_token JWT,可以使用 X-MS-TOKEN-AAD-ID-TOKEN
标头.
However, it contains the same claims as the id_token. A Base64-encoded JSON object that we can decode to get the information. If you want access to the id_token JWT directly, you can use X-MS-TOKEN-AAD-ID-TOKEN
header.
参考:https://github.com/cgillum/easyauth/wiki/Advanced-Application-设置
2.提高标头大小的限制
这可以使用 NODE_OPTIONS
变量来完成,如以下 github 问题 这里.
This can be done using the NODE_OPTIONS
variable, as described in the following github issue here.
示例:NODE_OPTIONS=--max-http-header-size=16384