chore: disable authz-header in all builds (#17409)

Header payload being large is causing some issues in dev builds. Another method of opting in needs to be determined
2025-07-03 16:13:58 +00:00 · 2025-04-15 20:22:21 -05:00
parent 70b113de7b
commit a7646d1524
1 changed files with 9 additions and 1 deletions
--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@ -464,8 +464,16 @@ func New(options *Options) *API {
 	r := chi.NewRouter()
 	// We add this middleware early, to make sure that authorization checks made
 	// by other middleware get recorded.
+	//nolint:revive,staticcheck // This block will be re-enabled, not going to remove it
 	if buildinfo.IsDev() {
-		r.Use(httpmw.RecordAuthzChecks)
+		// TODO: Find another solution to opt into these checks.
+		//   If the header grows too large, it breaks `fetch()` requests.
+		//   Temporarily disabling this until we can find a better solution.
+		//	 One idea is to include checking the request for `X-Authz-Record=true`
+		//   header. To opt in on a per-request basis.
+		//   Some authz calls (like filtering lists) might be able to be
+		//   summarized better to condense the header payload.
+		// r.Use(httpmw.RecordAuthzChecks)
 	}

 	ctx, cancel := context.WithCancel(context.Background())