diff options
| author | Eric Wong <normalperson@yhbt.net> | 2010-05-03 15:19:53 -0700 |
|---|---|---|
| committer | Eric Wong <normalperson@yhbt.net> | 2010-05-03 15:19:53 -0700 |
| commit | 9f1131f5972ba90c1c54c76cc97633447142b307 (patch) | |
| tree | c5ee918bfea67ffcd77b5b90ee2191ec2a5df129 /lib/rainbows.rb | |
| parent | 1f3de8f8940fc7805c54d3d27e2074632ab5a0b0 (diff) | |
| download | rainbows-9f1131f5972ba90c1c54c76cc97633447142b307.tar.gz | |
Since Rainbows! is supported when exposed directly to the
Internet, administrators may want to limit the amount of data a
user may upload in a single request body to prevent a
denial-of-service via disk space exhaustion.
This amount may be specified in bytes, the default limit being
1024*1024 bytes (1 megabyte). To override this default, a user
may specify `client_max_body_size' in the Rainbows! block
of their server config file:
Rainbows! do
client_max_body_size 10 * 1024 * 1024
end
Clients that exceed the limit will get a "413 Request Entity Too
Large" response if the request body is too large and the
connection will close.
For chunked requests, we have no choice but to interrupt during
the client upload since we have no prior knowledge of the
request body size.
Diffstat (limited to 'lib/rainbows.rb')
| -rw-r--r-- | lib/rainbows.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/lib/rainbows.rb b/lib/rainbows.rb index ccf211e..ad4e564 100644 --- a/lib/rainbows.rb +++ b/lib/rainbows.rb @@ -31,6 +31,7 @@ module Rainbows require 'rainbows/base' autoload :AppPool, 'rainbows/app_pool' autoload :DevFdResponse, 'rainbows/dev_fd_response' + autoload :MaxBody, 'rainbows/max_body' class << self @@ -81,6 +82,12 @@ module Rainbows io.respond_to?(:peeraddr) ? io.peeraddr.last : Unicorn::HttpRequest::LOCALHOST end + + # the default max body size is 1 megabyte (1024 * 1024 bytes) + @@max_bytes = 1024 * 1024 + + def max_bytes; @@max_bytes; end + def max_bytes=(nr); @@max_bytes = nr; end end # configures \Rainbows! with a given concurrency model to +use+ and @@ -91,6 +98,7 @@ module Rainbows # use :Revactor # this may also be :ThreadSpawn or :ThreadPool # worker_connections 400 # keepalive_timeout 0 # zero disables keepalives entirely + # client_max_body_size 5*1024*1024 # 5 megabytes # end # # # the rest of the Unicorn configuration @@ -107,6 +115,10 @@ module Rainbows # start retrieving extra elements for. Increasing this beyond 5 # seconds is not recommended. Zero disables keepalive entirely # (but pipelining fully-formed requests is still works). + # + # The default +client_max_body_size+ is 1 megabyte (1024 * 1024 bytes), + # setting this to +nil+ will disable body size checks and allow any + # size to be specified. def Rainbows!(&block) block_given? or raise ArgumentError, "Rainbows! requires a block" HttpServer.setup(block) |