Open David-x100 opened 7 years ago
Max message size should be implemented to prevent this.
@cboden Any thoughts?
Any update on this?
This seems like a big issue when running this in a production environment. Any progress on a 'max message size' option?
I was writing my own WebSocket server using stream_* functions and pthreads. Then I asked myself: There is the excellent Ratchet, why reinvent the wheel?!
So as Ratchet is not threaded by pthreads and is async, I decided to check it against hackers attacks: What if a hacker sends a very long message?!
note: this code is modified version you can find from: http://www.websocket.org/echo.html
Boom! The good guy(s) can't send/receive messages anymore until the bad guy sends the very long message.
Is there a way to fix this issue of this great library? Am I doing something wrong?