Closed namedgraph closed 3 years ago
We can probably leverage Tomcat's maxPostSize
by creating a $MAX_POST_SIZE
entrypoint param for it, without needing to touch Java code.
Looks like Tomcat's maxPostSize
doesn't do what I thought it does: https://www.mail-archive.com/search?l=users@tomcat.apache.org&q=subject:%22How+to+upload+Files+larger+than+2GB%22&o=newest&f=1
We need to implement our own subclass of InputStream
then, in order to be able to count bytes. It should probably be integrated deep into Core's ModelProvider
where the request stream is read.
Checking Content-Length
in a ReaderInterceptor
sounds much easier, and although the header value can be spoofed, we could use this as an interim solution.
Now with tests POST-content-length-413.sh
and POST-transfer-chunked-413.sh
The implementation could now be simplified by moving it to nginx and configuring using client_max_body_size
.
Lets keep a check both in nginx and in LinkedDataHub.
Introduce a
aplc:MaxPostSize
config parameter and check theContent-Length
header ofPUT
andPOST
request; reject the request with413 Request Entity Too Large
if it is over the size limit.