[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size

To: libevent-users@xxxxxxxxxxxxx
Subject: Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
From: Constantine Verutin <cverutin@xxxxxxxxx>
Date: Thu, 08 Oct 2009 16:26:19 +0300
Delivered-to: archiver@xxxxxxxx
Delivered-to: libevent-users-outgoing@xxxxxxxx
Delivered-to: libevent-users@xxxxxxxx
Delivery-date: Thu, 08 Oct 2009 09:26:28 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:message-id:from:to :subject:in-reply-to:references:user-agent:mime-version:content-type; bh=ZCIE/JTmhw6AQu4b7s01W2uu63Habpi3PgBUJcS4WkM=; b=hcBJnqXT8Ss96pe9J9n7+ygTHI0o/2FID+NRiDseKPFmgtCi3uKcFkgkKstpm05dHa 9mz7+fnRKaCVUCqf8+Z8NRHrEKpYdQ/TmGzPX16dfi9mRHk2z2dtCbMyPZHCyLxOmjbv QJr1u1H4NoSmdhzi8leox+dnqimLb9PaEG+xg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:message-id:from:to:subject:in-reply-to:references:user-agent :mime-version:content-type; b=UFZrr6tc72SUQkTOIlHZAxBJG6gjFQsCyg7I/eloPBGcqN1MGBZqp1K6OHOt83tw0g a/p6CCqQ2KtKLiMsnBqyx1Xzk2TlbWgrceNBRlVGGqx7i1e5D/3bjUStnkd+7X8w+B9k yOgKndn8SJvib9spFRdNBa45XZDB0EUUeDWp0=
In-reply-to: <20091008000104.GN18887@xxxxxxxxxxxxxx>
References: <5e0d09550910071050v6deba397g60e3013d150522a5@xxxxxxxxxxxxxx> <82a458c00910071216n4019785drbb6d6ab5f926cf0c@xxxxxxxxxxxxxx> <5e0d09550910071430j30b82956hb64af11d4372a69f@xxxxxxxxxxxxxx> <20091008000104.GN18887@xxxxxxxxxxxxxx>
Reply-to: libevent-users@xxxxxxxxxxxxx
Sender: owner-libevent-users@xxxxxxxxxxxxx
User-agent: Wanderlust/2.15.6 (Almost Unreal) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Gojō) APEL/10.7 Emacs/23.1 (i486-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)

Hi,

At Wed, 7 Oct 2009 20:01:04 -0400,
Nick Mathewson wrote:
> So long as we are painting the bike shed, I'd suggest that we just
> admit that we want a signed type and use an ssize_t (or in our case,
> an ev_ssize_t) for this.  No muss, no fuss.

Yep, makes sense.

> 
> As for the original patch, I'm wondering a bit about the complexity.
> I'm assuming that the idea here is to keep from running out of memory
> if the HTTP request or response is too big or complex, and that sounds
> like a fine idea.  But what's the rationale for having separate limits
> for the first line and for the total headers?  And why limit both
> the number of headers and their total length?

There's no limit on total headers length. There's a limit on _single_ header length.

--
WBR,
Constantine
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxx with
unsubscribe libevent-users    in the body.

References:
- [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
  - From: Constantine Verutin
- Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
  - From: q6Yr7e0o nIJDVMjC
- Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
  - From: Constantine Verutin
- Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
  - From: Nick Mathewson

Prev by Author: Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
Next by Author: Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
Previous by thread: Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
Next by thread: Re: [Libevent-users] Patch: add constraints on HTTP first line/headers/body size
Index(es):
- Author
- Thread