Files · f0ef4f474620ed95a7572c579689f262e79a724f · go / golang

http: add MaxBytesReader to limit request body size · f0ef4f47

Brad Fitzpatrick authored Aug 23, 2011

This adds http.MaxBytesReader, similar to io.LimitReader,
but specific to http, and for preventing a class of DoS
attacks.

This also makes the 10MB ParseForm limit optional (if
not already set by a MaxBytesReader), documents it,
and also adds "PUT" as a valid verb for parsing forms
in the request body.

Improves issue 2093 (DoS protection)
Fixes #2165 (PUT form parsing)

R=golang-dev, adg
CC=golang-dev
https://golang.org/cl/4921049

f0ef4f47

Name	Last commit	Last update
doc		Loading commit data...
include		Loading commit data...
lib		Loading commit data...
misc		Loading commit data...
src		Loading commit data...
test		Loading commit data...
.hgignore		Loading commit data...
.hgtags		Loading commit data...
AUTHORS		Loading commit data...
CONTRIBUTORS		Loading commit data...
LICENSE		Loading commit data...
PATENTS		Loading commit data...
README		Loading commit data...
favicon.ico		Loading commit data...
robots.txt		Loading commit data...

README