菜津美 田. asked ·

Maximum POST size of RUM beacon

Hi Team,

Do you know the maximum POST size of a RUM beacon?
We saw a 403 error on "/rb_<ID>".
We think it is because there is a maximum POST size rule on the WAF.
We are planning to change the maximum POST size from 4KB to 1MB.
Do you think that is enough to POST the RUM beacon?

Best Regards,
Natsumi Tanaka

Tags: RUM, browser monitors

Gernot R. answered ·

The default max size of a beacon is 30kb; if it would grow higher than that, it's split into multiple requests. The default limit can be configured using the `custom configuration properties` textbox within the advanced application configuration. Just enter `msl=<size-in-bytes>`, so in your case `msl=4000` to decrease this limit. Expect a higher number of beacons though, since the beacon will be split if the content grows beyond 4kb.


Thank you for your information.
I am relieved to hear that the max size is 30kb, so after our customer changes maxExpectedBodySize from 4096 to 1000000 they will not face the 403 error.
Also, I did not know we could restrict beacon size using `custom configuration properties`.
It is very useful! Thank you!

Julius L. answered ·

This depends on the data actually sent in the beacon and also on whether session replay is enabled for the application or not. But even a complex user action with a lot of resource timing data might result in beacons with a size over 4kB.

Why are you limiting post size to 4kB in the first place? Does this come from any security policy in your organization?


Thank you for your reply.

They use AWS WAF and the default YAML.
https://s3.us-east-2.amazonaws.com/awswaf-owasp/owasp_10_base.yml

The default setting is the following:

```yaml
maxExpectedBodySize:
  Type: Number
  Description: Maximum number of bytes allowed in the body of the request. If you do not plan to allow large uploads, set it to the largest payload value that makes sense for your web application. Accepting unnecessarily large values can cause performance issues, if large payloads are used as an attack vector against your web application.
  Default: 4096
```

They will change the setting from 4096 to 1000000.

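One way to confirm that the 403s on the beacon path are explained by the body-size rule before changing it, as an added example that is not part of the thread and is not Dynatrace or AWS code: it reads AWS WAF log records and compares the Content-Length of each blocked `/rb_` POST with the limit. The sample records, the rule IDs and the reading of "30kb" as 30,000 bytes are assumptions.

```python
import json

BEACON_PREFIX = "/rb_"   # beacon path from the question ("/rb_<ID>")
BEACON_MAX = 30_000      # assumption: the answer's "30kb" default read as 30,000 bytes

# Constructed AWS WAF log records, one JSON object per line; rule IDs are placeholders.
SAMPLE_LOG = """
{"action":"BLOCK","terminatingRuleId":"size-rule-placeholder","httpRequest":{"httpMethod":"POST","uri":"/rb_EXAMPLE","headers":[{"name":"Content-Length","value":"18231"}]}}
{"action":"ALLOW","terminatingRuleId":"Default_Action","httpRequest":{"httpMethod":"POST","uri":"/rb_EXAMPLE","headers":[{"name":"content-length","value":"2110"}]}}
{"action":"BLOCK","terminatingRuleId":"other-rule-placeholder","httpRequest":{"httpMethod":"POST","uri":"/rb_EXAMPLE","headers":[{"name":"Content-Length","value":"1200"}]}}
{"action":"BLOCK","terminatingRuleId":"size-rule-placeholder","httpRequest":{"httpMethod":"POST","uri":"/login","headers":[{"name":"Content-Length","value":"9000"}]}}
{"action":"BLOCK","terminatingRuleId":"size-rule-placeholder","httpRequest":{"httpMethod":"POST","uri":"/rb_EXAMPLE","headers":[{"name":"Content-Length","value":"29874"}]}}
"""

def body_size(request):
    """Return the Content-Length header as an int, or None if it is absent."""
    for header in request.get("headers", []):
        if header["name"].lower() == "content-length":
            return int(header["value"])
    return None

def review(log_text, waf_limit):
    """Classify blocked beacon POSTs against the WAF body-size limit."""
    result = {"size_blocks": 0, "other_block_rules": [], "largest_body": 0,
              "limit_covers_beacon_max": waf_limit >= BEACON_MAX}
    for line in filter(None, map(str.strip, log_text.splitlines())):
        record = json.loads(line)
        request = record["httpRequest"]
        if request["httpMethod"] != "POST" or not request["uri"].startswith(BEACON_PREFIX):
            continue  # only beacon POSTs are of interest here
        size = body_size(request)
        if size is not None:
            result["largest_body"] = max(result["largest_body"], size)
        if record["action"] != "BLOCK":
            continue
        if size is not None and size > waf_limit:
            # Body is over the limit: consistent with the size rule.
            result["size_blocks"] += 1
        else:
            # Under the limit (or size unknown): some other rule blocked it.
            result["other_block_rules"].append(record["terminatingRuleId"])
    return result

if __name__ == "__main__":
    print(review(SAMPLE_LOG, 4096))
```

Any rule listed in `other_block_rules` will keep returning 403 after the size limit is raised, and `largest_body` shows how much headroom the beacons actually need.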