You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
we have limit() for this, which works for any request body. Even without this specific issue you could exhaust resources reasonably easily without some form of limiting
Can you please elaborate? I couldn't find any limit() function in the source code, and in node-formidable I only saw incomingForm.maxFieldsSize. Thanks
This won't solve the problem completely, but it would help.
Read more about this problem here:
http://www.ocert.org/advisories/ocert-2011-003.html
http://www.youtube.com/watch?v=R2Cq3CLI6H8
The Socket.IO guys already made a commit for this a month ago:
socketio/socket.io@a7f45fe
I think we should be able to specify a max post size and the bodyParser should kill what exceeds that. The implementation should probably be done in the file: https://github.com/senchalabs/connect/blob/master/lib/middleware/json.js
The text was updated successfully, but these errors were encountered: