diff options
author | Graham.Dumpleton <devnull@localhost> | 2007-07-11 04:26:15 +0000 |
---|---|---|
committer | Graham.Dumpleton <devnull@localhost> | 2007-07-11 04:26:15 +0000 |
commit | 15c0a46abff3bf5186d15bc5ed2b221dbcfe8aaf (patch) | |
tree | d7405ad23c11b3434420c1f0704ea15f050b9ebc | |
parent | dbb41a1cd759cbc7fafa3dcd254ae57c22d23d00 (diff) | |
download | mod_wsgi-15c0a46abff3bf5186d15bc5ed2b221dbcfe8aaf.tar.gz |
If LimitRequestBody is defined in Apache configuration then it is necessary
to perform our own check of whether request content is too large and end
the request before we even call into the WSGI application. If this is not
done then check of whether content is too large only happens the first time
data is read by the application. At that time the HTTP input filter will
send the 413 response and mark input as aborted. This will then cause read
to raise an exception which likely would be uncaught and result in 500 error
response being appended to the 413 response.
-rw-r--r-- | mod_wsgi.c | 20 |
1 files changed, 20 insertions, 0 deletions
@@ -61,6 +61,7 @@ typedef array_header apr_array_header_t; typedef table apr_table_t; typedef table_entry apr_table_entry_t; typedef int apr_size_t; +typedef unsigned long apr_off_t; #define apr_psprintf ap_psprintf #define apr_pstrndup ap_pstrndup #define apr_pstrdup ap_pstrdup @@ -4513,6 +4514,7 @@ static int wsgi_execute_remote(request_rec *r); static int wsgi_hook_handler(request_rec *r) { int status; + apr_off_t limit = 0; WSGIRequestConfig *config = NULL; @@ -4602,6 +4604,24 @@ static int wsgi_hook_handler(request_rec *r) return status; /* + * Check to see if request content is too large and end + * request here. We do this as otherwise it will not be done + * until first time input data is read in application. + * Problem is that underlying HTTP output filter will + * also generate a 413 response and the error raised from + * the application will be appended to that. The call to + * ap_discard_request_body() is hopefully enough to trigger + * sending of the 413 response by the HTTP filter. + */ + + limit = ap_get_limit_req_body(r); + + if (limit && limit < r->remaining) { + ap_discard_request_body(r); + return OK; + } + + /* * Construct request configuration and cache it in the * request object against this module so can access it * later from handler code. |