Deny content based on content-length header
This commit is contained in:
parent
bb396dfb5b
commit
5d1f35a8ee
@ -215,6 +215,26 @@ async fn response_to_bytes_limited(
|
||||
size_limit: usize,
|
||||
time_limit: Duration,
|
||||
) -> anyhow::Result<Vec<u8>> {
|
||||
// Check the content-length header without
|
||||
let content_length = response
|
||||
.headers()
|
||||
.get("content-length")
|
||||
.map(|len| len.to_str().ok())
|
||||
.flatten()
|
||||
.map(|len| len.parse::<u64>().ok())
|
||||
.flatten();
|
||||
|
||||
if let Some(content_length) = content_length {
|
||||
if content_length > size_limit as u64 {
|
||||
// We can avoid downloading it: we already know it exceeds the limit.
|
||||
increment_counter!("qprake_rake_specific_fail_count", "reason" => "SizeLimit");
|
||||
return Err(PermanentFailure {
|
||||
reason: PermanentFailureReason::ExceedsSizeLimit,
|
||||
}
|
||||
.into());
|
||||
}
|
||||
}
|
||||
|
||||
let deadline = Instant::now() + time_limit;
|
||||
let mut buffer = Vec::new();
|
||||
let mut bytestream = response.bytes_stream();
|
||||
|
Loading…
Reference in New Issue
Block a user