Skip to content

Commit

Permalink
C++ wrapper: add POST example and add limits for parameter size
Browse files Browse the repository at this point in the history
  • Loading branch information
@bel2125
bel2125 committed Jun 16, 2018
1 parent 8fd069f commit 82c03a2
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 4 deletions.
11 changes: 9 additions & 2 deletions examples/embedded_cpp/embedded_cpp.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,15 @@ class ExampleHandler : public CivetHandler
"<p>To see a page from the A handler <a "
"href=\"a\">click here</a></p>\r\n");
mg_printf(conn,
"<p>To see a page from the A handler with a parameter "
"<a href=\"a?param=1\">click here</a></p>\r\n");
"<form action=\"a\" method=\"get\">"
"To see a page from the A handler with a parameter "
"<input type=\"submit\" value=\"click here\" "
"name=\"param\" \\> (GET)</form>\r\n");
mg_printf(conn,
"<form action=\"a\" method=\"post\">"
"To see a page from the A handler with a parameter "
"<input type=\"submit\" value=\"click here\" "
"name=\"param\" \\> (POST)</form>\r\n");
mg_printf(conn,
"<p>To see a page from the A/B handler <a "
"href=\"a/b\">click here</a></p>\r\n");
Expand Down
23 changes: 21 additions & 2 deletions src/CivetServer.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,11 @@
#define UNUSED_PARAMETER(x) (void)(x)
#endif

#ifndef MAX_PARAM_BODY_LENGTH
// Set a default limit for parameters in a form body: 10 kB
#define MAX_PARAM_BODY_LENGTH (1024 * 10)

This comment has been minimized.

Sign in to view

Copy link
@pavel-pimenov

pavel-pimenov Jun 20, 2018

Contributor

Only 10k? apache default = 2MB

This comment has been minimized.

Sign in to view

Copy link
@bel2125

bel2125 Jun 20, 2018
edited
Loading

Author Member

I set it to 2 MB as well.
However, getParam() will still only work for form data (application/x-www-form-urlencoded), but not for file upload (only possible with multipart/form-data).
#endif

bool
CivetHandler::handleGet(CivetServer *server, struct mg_connection *conn)
{
Expand Down Expand Up @@ -471,12 +476,22 @@ CivetServer::getParam(struct mg_connection *conn,
mg_unlock_context(me->context);

if (conobj.postData != NULL) {
// check if form parameter are already stored
formParams = conobj.postData;
} else {
// otherwise, check if there is a request body
const char *con_len_str = mg_get_header(conn, "Content-Length");
if (con_len_str) {
unsigned long con_len = atoi(con_len_str);
if (con_len > 0) {
char *end = 0;
unsigned long con_len = strtoul(con_len_str, &end, 10);
if ((end == NULL) || (*end != 0)) {
// malformed header
return false;
}
if ((con_len > 0) && (con_len <= MAX_PARAM_BODY_LENGTH)) {
// Body is within a reasonable range

// Allocate memory:
// Add one extra character: in case the post-data is a text, it
// is required as 0-termination.
// Do not increment con_len, since the 0 terminating is not part
Expand All @@ -490,6 +505,10 @@ CivetServer::getParam(struct mg_connection *conn,
conobj.postDataLen = con_len;
}
}
if (conobj.postData == NULL) {
// we cannot store the body
return false;
}
}
}
if (formParams == NULL) {
Expand Down

0 comments on commit 82c03a2

Please sign in to comment.