There are currently unknown/undocumented limits to the length of a header that can be sent back to a client via a Toolforge tool. There are at least two layers of Nginx between a Toolforge webservice and it's users: Internet → Toolforge front proxy → Kubernetes ingress → tool's webservice. The "from the Toolforge front proxy" in the title may only be that the front proxy is relaying a 502 response that is actually generated at the tool's Kubernetes ingress.
Memory is finite, so there does technically need to be some limit on buffered response sizes, but a) we should know what those limits are, and b) we should consider if we can raise them from the software's compiled defaults.