reivilibre
/
quickpeep
1
0
Fork 0
Code Issues 11 Pull Requests Projects Releases 11 Wiki Activity

Deny content based on content-length header

This commit is contained in:
Olivier 'reivilibre' 2022-06-11 00:12:15 +01:00
parent bb396dfb5b
commit 5d1f35a8ee
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
quickpeep_raker/src/raking.rs
View File

@ -215,6 +215,26 @@ async fn response_to_bytes_limited(
size_limit: usize, size_limit: usize,
time_limit: Duration, time_limit: Duration,
) -> anyhow::Result<Vec<u8>> { ) -> anyhow::Result<Vec<u8>> {
// Check the content-length header without
let content_length = response
.headers()
.get("content-length")
.map(|len| len.to_str().ok())
.flatten()
.map(|len| len.parse::<u64>().ok())
.flatten();
if let Some(content_length) = content_length {
if content_length > size_limit as u64 {
// We can avoid downloading it: we already know it exceeds the limit.
increment_counter!("qprake_rake_specific_fail_count", "reason" => "SizeLimit");
return Err(PermanentFailure {
reason: PermanentFailureReason::ExceedsSizeLimit,
}
.into());
}
}
let deadline = Instant::now() + time_limit; let deadline = Instant::now() + time_limit;
let mut buffer = Vec::new(); let mut buffer = Vec::new();
let mut bytestream = response.bytes_stream(); let mut bytestream = response.bytes_stream();