Hello,
Credit goes to David Dankwerth for supplying this patch.
It is meant to abort an http connection if the content length value exceeds a
predefined value.
The predefined value can be specified in apache's httpd.conf by using the
LimitRequestBody directive.
F.e.:
LimitRequestBody 10000
JkEnvVar JkLimitRequestBody apache
will limit the request to 10K.
Apache will throw a 413 error when the limit has been exceeded so you can
define an ErrorDocument in httpd.conf to show up an informative page indicating
the error.
Anyway, it's been a real and helpful solution for me and I was wondering if the
author would consider using it? :)
See attachment for a diff on the original v1.23 source.
Greetings, Philippe.
1326,1330d1325
< * this function will also check the request length , if the length exceeds
< * the limit set by JkEnvVar JkLimitRequestBody (values are a number[bytes]
< * or apache to mark the use of LimitRequestBody , then this function will
< * decline the request (to aviod Unrecoverable errors)
< * added by David Dankwerth and David Brewster of ri3k
1333,1336c1328,1329
< {
<
< char *worker = NULL ;
< if(!r->proxyreq) {
---
> {
> if(!r->proxyreq) {
1339c1332
<
---
>
1341,1395c1334,1335
< worker = map_uri_to_worker(conf->uw_map,
< r->uri,
< conf->log ? conf->log : main_log);
<
< // check if there is a contect length in the request (might
not have !)
< if ( ap_table_get(r->headers_in, "Content-Length") != NULL )
< {
< long requestLength =
atol(ap_table_get(r->headers_in, "Content-Length")) ;
< if (requestLength != 0 )
< {
< server_rec *s = r->server;
< jk_server_conf_t *conf =
< (jk_server_conf_t
*)ap_get_module_config(s->module_config, &jk_module);
<
< jk_logger_t *l = conf->log ? conf->log :
main_log;
<
< long max = 0 ;
< // get the defenition from the JkEnvVar
JkLimitRequestBody
< const char* maxLength=
ap_table_get(conf->envvars,"JkLimitRequestBody");
< // apachs LimitRequestBody Value
< long apacheLimit = ap_get_limit_req_body(r) ;
< jk_log(l, JK_LOG_DEBUG,
< "mod_jk :: Apache
LimitRequestBody is %d \n",apacheLimit);
<
<
< if (maxLength != NULL )
< {
< // check if to use apache's limit
< if (0 == strcmp("apache",maxLength))
< max = apacheLimit ;
< else
< max = atol(maxLength) ;
< }
<
<
< jk_log(l, JK_LOG_DEBUG,
< "mod_jk:: AllowedRequestSize is %d ,
current Request %d\n",max,requestLength);
<
< // if max defined is 0 allow
< if (max == 0 || requestLength < max )
< {
< jk_log(l, JK_LOG_DEBUG,
< "mod_jk:: Request authorized to
pass length limitation");
<
< }
< else
< {
<
< jk_log(l, JK_LOG_DEBUG,
< "mod_jk:: Request declined to
pass length limitation");
< return DECLINED ;
< }
< }
< }
<
---
> char *worker = map_uri_to_worker(conf->uw_map, r->uri, conf->log ?
>conf->log : main_log);
>
1402c1342
<
---
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
