[Mongrel] Limit Request Body Size (Disallow very large File-uploads)

Kirk Haines wyhaines at gmail.com
Fri Jun 12 12:40:59 EDT 2009


Look at http_request.rb.

Mongrel already has a limit to the length of the headers that it will
accept, so you are covered there.  If you look at
HttpRequest#initialize, there is a "remain" variable that is set to
the content length of the body of the request.

You could simply insert a check there.  If it's too high, bail out
right there and throw back whatever error response you deem
appropriate.

It could be a 400, but it's probably better if it is a 413 Request
Entity Too Large.


Kirk Haines


More information about the Mongrel-users mailing list