You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Upon reading the request body Django's request objects check the content length and compare it to a size limit set in the config:
# Limit the maximum request data size that will be handled in-memory.
if (settings.DATA_UPLOAD_MAX_MEMORY_SIZE is not None and
int(self.META.get('CONTENT_LENGTH') or 0) > settings.DATA_UPLOAD_MAX_MEMORY_SIZE):
raise RequestDataTooBig('Request body exceeded settings.DATA_UPLOAD_MAX_MEMORY_SIZE.')
AsgiRequest objects do not perform this check, which is very dangerous. I was able to spam the server with only a few large request, which made the server incapable of handling any other request.
The text was updated successfully, but these errors were encountered:
Upon reading the request body Django's request objects check the content length and compare it to a size limit set in the config:
AsgiRequest objects do not perform this check, which is very dangerous. I was able to spam the server with only a few large request, which made the server incapable of handling any other request.
The text was updated successfully, but these errors were encountered: