chore: bring back x-auth-checks with a length limit (#19928)

2026-06-02 20:48:20 +00:00 · 2025-09-24 10:46:50 -06:00
parent adb7521066
commit a6fc28cc6f
2 changed files with 15 additions and 10 deletions
@@ -489,16 +489,8 @@ func New(options *Options) *API {
 	r := chi.NewRouter()
 	// We add this middleware early, to make sure that authorization checks made
 	// by other middleware get recorded.
-	//nolint:revive,staticcheck // This block will be re-enabled, not going to remove it
 	if buildinfo.IsDev() {
-		// TODO: Find another solution to opt into these checks.
-		//   If the header grows too large, it breaks `fetch()` requests.
-		//   Temporarily disabling this until we can find a better solution.
-		//	 One idea is to include checking the request for `X-Authz-Record=true`
-		//   header. To opt in on a per-request basis.
-		//   Some authz calls (like filtering lists) might be able to be
-		//   summarized better to condense the header payload.
-		// r.Use(httpmw.RecordAuthzChecks)
+		r.Use(httpmw.RecordAuthzChecks)
 	}

 	ctx, cancel := context.WithCancel(context.Background())