|
 |
0ac66a |
diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en
|
|
|
0ac66a |
index e1ec8d0..833fa7b 100644
|
|
|
0ac66a |
--- a/docs/manual/mod/core.html.en
|
|
|
0ac66a |
+++ b/docs/manual/mod/core.html.en
|
|
|
0ac66a |
@@ -2748,16 +2748,16 @@ subrequests
|
|
|
0ac66a |
Description:Restricts the total size of the HTTP request body sent
|
|
|
0ac66a |
from the client
|
|
|
0ac66a |
Syntax:LimitRequestBody bytes
|
|
|
0ac66a |
-Default:LimitRequestBody 0
|
|
|
0ac66a |
+Default:LimitRequestBody 1073741824
|
|
|
0ac66a |
Context:server config, virtual host, directory, .htaccess
|
|
|
0ac66a |
Override:All
|
|
|
0ac66a |
Status:Core
|
|
|
0ac66a |
Module:core
|
|
|
0ac66a |
+Compatibility:In Apache HTTP Server 2.4.53 and earlier, the default value
|
|
|
0ac66a |
+ was 0 (unlimited)
|
|
|
0ac66a |
|
|
|
0ac66a |
- This directive specifies the number of bytes from 0
|
|
|
0ac66a |
- (meaning unlimited) to 2147483647 (2GB) that are allowed in a
|
|
|
0ac66a |
- request body. See the note below for the limited applicability
|
|
|
0ac66a |
- to proxy requests.
|
|
|
0ac66a |
+ This directive specifies the number of bytes
|
|
|
0ac66a |
+ that are allowed in a request body. A value of 0 means unlimited.
|
|
|
0ac66a |
|
|
|
0ac66a |
The LimitRequestBody directive allows
|
|
|
0ac66a |
the user to set a limit on the allowed size of an HTTP request
|
|
|
0ac66a |
@@ -2783,12 +2783,6 @@ from the client
|
|
|
0ac66a |
|
|
|
0ac66a |
LimitRequestBody 102400
|
|
|
0ac66a |
|
|
|
0ac66a |
-
|
|
|
0ac66a |
- For a full description of how this directive is interpreted by
|
|
|
0ac66a |
- proxy requests, see the mod_proxy documentation.
|
|
|
0ac66a |
-
|
|
|
0ac66a |
-
|
|
|
0ac66a |
-
|
|
|
0ac66a |
|
|
|
0ac66a |
|
|
|
0ac66a |
|
|
|
0ac66a |
diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en
|
|
|
0ac66a |
index 2cc6ace..c9e4634 100644
|
|
|
0ac66a |
--- a/docs/manual/mod/mod_proxy.html.en
|
|
|
0ac66a |
+++ b/docs/manual/mod/mod_proxy.html.en
|
|
|
0ac66a |
@@ -459,9 +459,6 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10
|
|
|
0ac66a |
Content-Length header, but the server is configured to filter incoming
|
|
|
0ac66a |
request bodies.
|
|
|
0ac66a |
|
|
|
0ac66a |
- LimitRequestBody only applies to
|
|
|
0ac66a |
- request bodies that the server will spool to disk
|
|
|
0ac66a |
-
|
|
|
0ac66a |
|
|
|
0ac66a |
|
|
|
0ac66a |
|
|
|
0ac66a |
diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c
|
|
|
0ac66a |
index 6bedcac..393343a 100644
|
|
|
0ac66a |
--- a/modules/http/http_filters.c
|
|
|
0ac66a |
+++ b/modules/http/http_filters.c
|
|
|
0ac66a |
@@ -1710,6 +1710,7 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy)
|
|
|
0ac66a |
{
|
|
|
0ac66a |
const char *tenc = apr_table_get(r->headers_in, "Transfer-Encoding");
|
|
|
0ac66a |
const char *lenp = apr_table_get(r->headers_in, "Content-Length");
|
|
|
0ac66a |
+ apr_off_t limit_req_body = ap_get_limit_req_body(r);
|
|
|
0ac66a |
|
|
|
0ac66a |
r->read_body = read_policy;
|
|
|
0ac66a |
r->read_chunked = 0;
|
|
|
0ac66a |
@@ -1748,6 +1749,11 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy)
|
|
|
0ac66a |
return HTTP_REQUEST_ENTITY_TOO_LARGE;
|
|
|
0ac66a |
}
|
|
|
0ac66a |
|
|
|
0ac66a |
+ if (limit_req_body > 0 && (r->remaining > limit_req_body)) {
|
|
|
0ac66a |
+ /* will be logged when the body is discarded */
|
|
|
0ac66a |
+ return HTTP_REQUEST_ENTITY_TOO_LARGE;
|
|
|
0ac66a |
+ }
|
|
|
0ac66a |
+
|
|
|
0ac66a |
#ifdef AP_DEBUG
|
|
|
0ac66a |
{
|
|
|
0ac66a |
/* Make sure ap_getline() didn't leave any droppings. */
|
|
|
0ac66a |
diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c
|
|
|
0ac66a |
index 7da9bde..1b7bb81 100644
|
|
|
0ac66a |
--- a/modules/proxy/mod_proxy_http.c
|
|
|
0ac66a |
+++ b/modules/proxy/mod_proxy_http.c
|
|
|
0ac66a |
@@ -439,13 +439,10 @@ static int spool_reqbody_cl(proxy_http_req_t *req, apr_off_t *bytes_spooled)
|
|
|
0ac66a |
apr_bucket *e;
|
|
|
0ac66a |
apr_off_t bytes, fsize = 0;
|
|
|
0ac66a |
apr_file_t *tmpfile = NULL;
|
|
|
0ac66a |
- apr_off_t limit;
|
|
|
0ac66a |
|
|
|
0ac66a |
body_brigade = apr_brigade_create(p, bucket_alloc);
|
|
|
0ac66a |
*bytes_spooled = 0;
|
|
|
0ac66a |
|
|
|
0ac66a |
- limit = ap_get_limit_req_body(r);
|
|
|
0ac66a |
-
|
|
|
0ac66a |
do {
|
|
|
0ac66a |
if (APR_BRIGADE_EMPTY(input_brigade)) {
|
|
|
0ac66a |
rv = stream_reqbody_read(req, input_brigade, 0);
|
|
|
0ac66a |
@@ -462,17 +459,6 @@ static int spool_reqbody_cl(proxy_http_req_t *req, apr_off_t *bytes_spooled)
|
|
|
0ac66a |
apr_brigade_length(input_brigade, 1, &bytes);
|
|
|
0ac66a |
|
|
|
0ac66a |
if (*bytes_spooled + bytes > MAX_MEM_SPOOL) {
|
|
|
0ac66a |
- /*
|
|
|
0ac66a |
- * LimitRequestBody does not affect Proxy requests (Should it?).
|
|
|
0ac66a |
- * Let it take effect if we decide to store the body in a
|
|
|
0ac66a |
- * temporary file on disk.
|
|
|
0ac66a |
- */
|
|
|
0ac66a |
- if (limit && (*bytes_spooled + bytes > limit)) {
|
|
|
0ac66a |
- ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01088)
|
|
|
0ac66a |
- "Request body is larger than the configured "
|
|
|
0ac66a |
- "limit of %" APR_OFF_T_FMT, limit);
|
|
|
0ac66a |
- return HTTP_REQUEST_ENTITY_TOO_LARGE;
|
|
|
0ac66a |
- }
|
|
|
0ac66a |
/* can't spool any more in memory; write latest brigade to disk */
|
|
|
0ac66a |
if (tmpfile == NULL) {
|
|
|
0ac66a |
const char *temp_dir;
|
|
|
0ac66a |
diff --git a/server/core.c b/server/core.c
|
|
|
0ac66a |
index 09664fc..084e243 100644
|
|
|
0ac66a |
--- a/server/core.c
|
|
|
0ac66a |
+++ b/server/core.c
|
|
|
0ac66a |
@@ -65,7 +65,7 @@
|
|
|
0ac66a |
|
|
|
0ac66a |
/* LimitRequestBody handling */
|
|
|
0ac66a |
#define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
|
|
|
0ac66a |
-#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0)
|
|
|
0ac66a |
+#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */
|
|
|
0ac66a |
|
|
|
0ac66a |
/* LimitXMLRequestBody handling */
|
|
|
0ac66a |
#define AP_LIMIT_UNSET ((long) -1)
|
