diff options
| author | Fedor Indutny <fedor.indutny@gmail.com> | 2012-01-16 01:45:31 +0600 |
|---|---|---|
| committer | Fedor Indutny <fedor.indutny@gmail.com> | 2012-01-16 02:45:05 +0600 |
| commit | 8a98c2f1d81cabb6594dc388789d60d2f3f67c09 (patch) | |
| tree | 2c07a8026b7e28255e399d2f04707f2f4eaad949 /doc | |
| parent | 93465d30511db82d0f759905d0cde52c8d5ea53e (diff) | |
| download | node-new-8a98c2f1d81cabb6594dc388789d60d2f3f67c09.tar.gz | |
http, querystring: added limits to prevent DoS
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/api/http.markdown | 6 | ||||
| -rw-r--r-- | doc/api/querystring.markdown | 5 |
2 files changed, 10 insertions, 1 deletions
diff --git a/doc/api/http.markdown b/doc/api/http.markdown index 3597898672..365f200604 100644 --- a/doc/api/http.markdown +++ b/doc/api/http.markdown @@ -143,6 +143,12 @@ Stops the server from accepting new connections. See [net.Server.close()](net.html#server.close). +### server.maxHeadersCount + +Limits maximum incoming headers count, equal to 1000 by default. If set to 0 - +no limit will be applied. + + ## http.ServerRequest This object is created internally by a HTTP server -- not by diff --git a/doc/api/querystring.markdown b/doc/api/querystring.markdown index 25741804dc..1dc9f89f3e 100644 --- a/doc/api/querystring.markdown +++ b/doc/api/querystring.markdown @@ -19,12 +19,15 @@ Example: // returns 'foo:bar;baz:qux' -### querystring.parse(str, [sep], [eq]) +### querystring.parse(str, [sep], [eq], [options]) Deserialize a query string to an object. Optionally override the default separator (`'&'`) and assignment (`'='`) characters. +Options object may contain `maxKeys` property (equal to 1000 by default), it'll +be used to limit processed keys. Set it to 0 to remove key count limitation. + Example: querystring.parse('foo=bar&baz=qux&baz=quux&corge') |