limit HTTP request body and WS read msg size to 1MB

This commit is contained in:
Anton Kaliaev 2018-06-27 14:15:37 +04:00
parent f760c24ff0
commit 297cd4cfe8
No known key found for this signature in database
GPG Key ID: 7B6881D965918214
3 changed files with 26 additions and 3 deletions

View File

@ -406,7 +406,13 @@ type wsConnection struct {
// description of how to configure ping period and pong wait time. NOTE: if the
// write buffer is full, pongs may be dropped, which may cause clients to
// disconnect. see https://github.com/gorilla/websocket/issues/97
func NewWSConnection(baseConn *websocket.Conn, funcMap map[string]*RPCFunc, cdc *amino.Codec, options ...func(*wsConnection)) *wsConnection {
func NewWSConnection(
baseConn *websocket.Conn,
funcMap map[string]*RPCFunc,
cdc *amino.Codec,
options ...func(*wsConnection),
) *wsConnection {
baseConn.SetReadLimit(maxBodyBytes)
wsc := &wsConnection{
remoteAddr: baseConn.RemoteAddr().String(),
baseConn: baseConn,

View File

@ -23,6 +23,12 @@ type Config struct {
MaxOpenConnections int
}
const (
// maxBodyBytes controls the maximum number of bytes the
// server will read parsing the request body.
maxBodyBytes = int64(1000000) // 1MB
)
// StartHTTPServer starts an HTTP server on listenAddr with the given handler.
// It wraps handler with RecoverAndLogHandler.
func StartHTTPServer(
@ -53,7 +59,7 @@ func StartHTTPServer(
go func() {
err := http.Serve(
listener,
RecoverAndLogHandler(handler, logger),
RecoverAndLogHandler(maxBytesHandler{h: handler, n: maxBodyBytes}, logger),
)
logger.Error("RPC HTTP server stopped", "err", err)
}()
@ -99,7 +105,7 @@ func StartHTTPAndTLSServer(
go func() {
err := http.ServeTLS(
listener,
RecoverAndLogHandler(handler, logger),
RecoverAndLogHandler(maxBytesHandler{h: handler, n: maxBodyBytes}, logger),
certFile,
keyFile,
)
@ -202,3 +208,13 @@ func (w *ResponseWriterWrapper) WriteHeader(status int) {
func (w *ResponseWriterWrapper) Hijack() (net.Conn, *bufio.ReadWriter, error) {
return w.ResponseWriter.(http.Hijacker).Hijack()
}
type maxBytesHandler struct {
h http.Handler
n int64
}
func (h maxBytesHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, h.n)
h.h.ServeHTTP(w, r)
}

View File

@ -7,6 +7,7 @@ import (
)
const (
// MaxBlockSizeBytes is the maximum permitted size of the blocks.
MaxBlockSizeBytes = 104857600 // 100MB
)