Closed max-moser closed 2 months ago
Update: This error gets triggered by the default previewer for TIFF images, e.g. on the landing page for: https://researchdata.tuwien.ac.at/records/zvvmh-nan78
Neither with nor without this PR does the previewer display anything meaningful for the TIFF image (both tested locally, with the TIFF file from the above record), but with this PR it's at least not a 500 response anymore.
We sometimes get notifications about internal server errors from the IIIF endpoint, caused by an unhandled
PIL.Image.DecompressionBombError: Image size (5179329012 pixels) exceeds limit of 178956970 pixels, could be decompression bomb DOS attack.
I was unsure about which HTTP status code to use here and was almost leaning towards a 5XX, but in this StackOverflow question the code 403 was recommended (for valid reasons, IMO): https://stackoverflow.com/questions/15192477/http-status-code-when-single-request-asks-for-too-large-resource-or-too-many-of