diff options
author | Eric Wong <normalperson@yhbt.net> | 2010-05-03 15:19:53 -0700 |
---|---|---|
committer | Eric Wong <normalperson@yhbt.net> | 2010-05-03 15:19:53 -0700 |
commit | 9f1131f5972ba90c1c54c76cc97633447142b307 (patch) | |
tree | c5ee918bfea67ffcd77b5b90ee2191ec2a5df129 /lib/rainbows.rb | |
parent | 1f3de8f8940fc7805c54d3d27e2074632ab5a0b0 (diff) | |
download | rainbows-9f1131f5972ba90c1c54c76cc97633447142b307.tar.gz |
Since Rainbows! is supported when exposed directly to the Internet, administrators may want to limit the amount of data a user may upload in a single request body to prevent a denial-of-service via disk space exhaustion. This amount may be specified in bytes, the default limit being 1024*1024 bytes (1 megabyte). To override this default, a user may specify `client_max_body_size' in the Rainbows! block of their server config file: Rainbows! do client_max_body_size 10 * 1024 * 1024 end Clients that exceed the limit will get a "413 Request Entity Too Large" response if the request body is too large and the connection will close. For chunked requests, we have no choice but to interrupt during the client upload since we have no prior knowledge of the request body size.
Diffstat (limited to 'lib/rainbows.rb')
-rw-r--r-- | lib/rainbows.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/rainbows.rb b/lib/rainbows.rb index ccf211e..ad4e564 100644 --- a/lib/rainbows.rb +++ b/lib/rainbows.rb @@ -31,6 +31,7 @@ module Rainbows require 'rainbows/base' autoload :AppPool, 'rainbows/app_pool' autoload :DevFdResponse, 'rainbows/dev_fd_response' + autoload :MaxBody, 'rainbows/max_body' class << self @@ -81,6 +82,12 @@ module Rainbows io.respond_to?(:peeraddr) ? io.peeraddr.last : Unicorn::HttpRequest::LOCALHOST end + + # the default max body size is 1 megabyte (1024 * 1024 bytes) + @@max_bytes = 1024 * 1024 + + def max_bytes; @@max_bytes; end + def max_bytes=(nr); @@max_bytes = nr; end end # configures \Rainbows! with a given concurrency model to +use+ and @@ -91,6 +98,7 @@ module Rainbows # use :Revactor # this may also be :ThreadSpawn or :ThreadPool # worker_connections 400 # keepalive_timeout 0 # zero disables keepalives entirely + # client_max_body_size 5*1024*1024 # 5 megabytes # end # # # the rest of the Unicorn configuration @@ -107,6 +115,10 @@ module Rainbows # start retrieving extra elements for. Increasing this beyond 5 # seconds is not recommended. Zero disables keepalive entirely # (but pipelining fully-formed requests is still works). + # + # The default +client_max_body_size+ is 1 megabyte (1024 * 1024 bytes), + # setting this to +nil+ will disable body size checks and allow any + # size to be specified. def Rainbows!(&block) block_given? or raise ArgumentError, "Rainbows! requires a block" HttpServer.setup(block) |