Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

io.pedestal.http.body-params/body-params could be more efficient #805

Closed
hlship opened this issue Feb 23, 2024 · 1 comment
Closed

io.pedestal.http.body-params/body-params could be more efficient #805

hlship opened this issue Feb 23, 2024 · 1 comment
Labels
enhancement

Comments

@hlship
Copy link
Contributor

hlship commented Feb 23, 2024

Description

io.pedestal.http.body-params/body-params determines how to parse the body by matching content types (specified by regular expressions) to functions that parse the request body in a particular encoding (JSON, EDN, etc.) into Clojure data.

Content types are relatively nominal, so using a series of regular expressions to match input content type to parsing function could be improved by caching on actual values.

This does expose an attack vector where an adveserial client sends many requests with randomized content types in an attempt to blow up the cache; therefore, the cache of content types to parsing functions should be size limited.

Pedestal version

0.6.3
@hlship hlship mentioned this issue Feb 24, 2024
Merged
@hlship
Copy link
Contributor Author

hlship commented Feb 24, 2024

Expected gain was a loss (see #811).

@hlship hlship closed this as completed Feb 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hlship