kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity
ruby--ruby/test/webrick
History
normal 7e1f2a5aa9 webrick/httprequest: limit request headers size 
We use the same 112 KB limit started (AFAIK) by Mongrel, Thin,
and Puma to prevent malicious users from using up all the memory
with a single request.  This also limits the damage done by
excessive ranges in multipart Range: requests.

Due to the way we rely on IO#gets and the desire to keep
the code simple, the actual maximum header may be 4093 bytes
larger than 112 KB, but we're splitting hairs at that point.

* lib/webrick/httprequest.rb: define MAX_HEADER_LENGTH
  (read_header): raise when headers exceed max length

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62960 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-03-28 08:06:23 +00:00
..
.htaccess
test_cgi.rb
test_config.rb
test_cookie.rb
test_do_not_reverse_lookup.rb
test_filehandler.rb test/webrick/test_filehandler.rb: stricter multipart range test 2018-03-28 08:06:02 +00:00
test_htmlutils.rb
test_httpauth.rb
test_httpproxy.rb
test_httprequest.rb
test_httpresponse.rb
test_https.rb
test_httpserver.rb webrick/httprequest: limit request headers size 2018-03-28 08:06:23 +00:00
test_httputils.rb
test_httpversion.rb
test_server.rb mjit_compile.c: merge initial JIT compiler 2018-02-04 11:22:28 +00:00
test_ssl_server.rb
test_utils.rb
utils.rb
webrick.cgi
webrick.rhtml
webrick_long_filename.cgi