juneau-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James Bognar (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (JUNEAU-68) Add BoundedReader to REST input
Date Sun, 26 Nov 2017 20:11:00 GMT

     [ https://issues.apache.org/jira/browse/JUNEAU-68?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

James Bognar resolved JUNEAU-68.
--------------------------------
       Resolution: Fixed
         Assignee: James Bognar
    Fix Version/s: 7.0.1

This has been resolved by creation of a BoundedServletInputStream class in the RequestBody
object that allows you to configure the maximum input size via a @RestResource(maxInput) setting.
 Exceeding this threshold causes a 500 error to be generated.

This code change also implements the newer isFinished(), isReady(), and setReadListener()
methods that were introduced in Servlet 3.1.0.   

> Add BoundedReader to REST input
> -------------------------------
>
>                 Key: JUNEAU-68
>                 URL: https://issues.apache.org/jira/browse/JUNEAU-68
>             Project: Juneau
>          Issue Type: Bug
>          Components: Code
>    Affects Versions: 7.0.0
>            Reporter: James Bognar
>            Assignee: James Bognar
>             Fix For: 7.0.1
>
>
> Input from the REST servlets should be limited via a BoundedReader (or similar) class
to help prevent DoS attacks.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message