diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en index 2463a02..dc1eca5 100644 --- a/docs/manual/mod/core.html.en +++ b/docs/manual/mod/core.html.en @@ -2746,16 +2746,16 @@ subrequests</td></tr> <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Restricts the total size of the HTTP request body sent from the client</td></tr> <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>LimitRequestBody <var>bytes</var></code></td></tr> -<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LimitRequestBody 0</code></td></tr> +<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>LimitRequestBody 1073741824</code></td></tr> <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr> <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>All</td></tr> <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr> <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr> +<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>In Apache HTTP Server 2.4.53 and earlier, the default value + was 0 (unlimited)</td></tr> </table> - <p>This directive specifies the number of <var>bytes</var> from 0 - (meaning unlimited) to 2147483647 (2GB) that are allowed in a - request body. See the note below for the limited applicability - to proxy requests.</p> + <p>This directive specifies the number of <var>bytes</var> + that are allowed in a request body. A value of <var>0</var> means unlimited.</p> <p>The <code class="directive">LimitRequestBody</code> directive allows the user to set a limit on the allowed size of an HTTP request @@ -2781,12 +2781,6 @@ from the client</td></tr> <pre class="prettyprint lang-config">LimitRequestBody 102400</pre> - - <div class="note"><p>For a full description of how this directive is interpreted by - proxy requests, see the <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> documentation.</p> - </div> - - </div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="LimitRequestFields" id="LimitRequestFields">LimitRequestFields</a> <a name="limitrequestfields" id="limitrequestfields">Directive</a></h2> diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en index 2cc6ace..c9e4634 100644 --- a/docs/manual/mod/mod_proxy.html.en +++ b/docs/manual/mod/mod_proxy.html.en @@ -459,9 +459,6 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10</pre> Content-Length header, but the server is configured to filter incoming request bodies.</p> - <p><code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code> only applies to - request bodies that the server will spool to disk</p> - </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="section"> <h2><a name="x-headers" id="x-headers">Reverse Proxy Request Headers</a></h2> diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c index 1ebb9cc..0174fee 100644 --- a/modules/http/http_filters.c +++ b/modules/http/http_filters.c @@ -1696,6 +1696,7 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy) { const char *tenc = apr_table_get(r->headers_in, "Transfer-Encoding"); const char *lenp = apr_table_get(r->headers_in, "Content-Length"); + apr_off_t limit_req_body = ap_get_limit_req_body(r); r->read_body = read_policy; r->read_chunked = 0; @@ -1734,6 +1735,11 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy) return HTTP_REQUEST_ENTITY_TOO_LARGE; } + if (limit_req_body > 0 && (r->remaining > limit_req_body)) { + /* will be logged when the body is discarded */ + return HTTP_REQUEST_ENTITY_TOO_LARGE; + } + #ifdef AP_DEBUG { /* Make sure ap_getline() didn't leave any droppings. */ diff --git a/modules/proxy/mod_proxy_http.c b/modules/proxy/mod_proxy_http.c index 01dc509..a33b57b 100644 --- a/modules/proxy/mod_proxy_http.c +++ b/modules/proxy/mod_proxy_http.c @@ -515,12 +515,9 @@ static int spool_reqbody_cl(apr_pool_t *p, apr_bucket *e; apr_off_t bytes, bytes_spooled = 0, fsize = 0; apr_file_t *tmpfile = NULL; - apr_off_t limit; body_brigade = apr_brigade_create(p, bucket_alloc); - limit = ap_get_limit_req_body(r); - while (!APR_BUCKET_IS_EOS(APR_BRIGADE_FIRST(input_brigade))) { /* If this brigade contains EOS, either stop or remove it. */ @@ -535,17 +532,6 @@ static int spool_reqbody_cl(apr_pool_t *p, apr_brigade_length(input_brigade, 1, &bytes); if (bytes_spooled + bytes > MAX_MEM_SPOOL) { - /* - * LimitRequestBody does not affect Proxy requests (Should it?). - * Let it take effect if we decide to store the body in a - * temporary file on disk. - */ - if (limit && (bytes_spooled + bytes > limit)) { - ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01088) - "Request body is larger than the configured " - "limit of %" APR_OFF_T_FMT, limit); - return HTTP_REQUEST_ENTITY_TOO_LARGE; - } /* can't spool any more in memory; write latest brigade to disk */ if (tmpfile == NULL) { const char *temp_dir; diff --git a/server/core.c b/server/core.c index de2b0d2..3223e04 100644 --- a/server/core.c +++ b/server/core.c @@ -65,7 +65,7 @@ /* LimitRequestBody handling */ #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) -#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) +#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */ /* LimitXMLRequestBody handling */ #define AP_LIMIT_UNSET ((long) -1)