diff options
Diffstat (limited to 'lib/rainbows/configurator.rb')
| -rw-r--r-- | lib/rainbows/configurator.rb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/rainbows/configurator.rb b/lib/rainbows/configurator.rb index 1b93fc7..433158b 100644 --- a/lib/rainbows/configurator.rb +++ b/lib/rainbows/configurator.rb @@ -27,6 +27,7 @@ module Rainbows::Configurator :keepalive_requests => 100, :client_max_body_size => 1024 * 1024, :client_header_buffer_size => 1024, + :client_max_header_size => 112 * 1024, :copy_stream => IO.respond_to?(:copy_stream) ? IO : false, }) @@ -147,6 +148,18 @@ module Rainbows::Configurator set[:client_max_body_size] = bytes end + # Limits the maximum size of a request header for all requests. + # + # Default: 112 kilobytes (114688 bytes) + # + # Lowering this will lower worst-case memory usage and mitigate some + # denial-of-service attacks. This should be larger than + # client_header_buffer_size. + def client_max_header_size(bytes) + check! + set_int(:client_max_header_size, bytes, 8) + end + # This governs the amount of memory allocated for an individual read(2) or # recv(2) system call when reading headers. Applications that make minimal # use of cookies should not increase this from the default. |