diff options
| author | Felix Lange <fjl@users.noreply.github.com> | 2018-03-26 19:46:37 +0800 |
|---|---|---|
| committer | Péter Szilágyi <peterke@gmail.com> | 2018-03-26 19:46:37 +0800 |
| commit | e9b5e22ad121ef2251d1c72526c0994c03d2caf0 (patch) | |
| tree | 4117ad8b2679f18942603dc7a35af99c902dd856 /rpc | |
| parent | e506d384e90e709027b46c1d3dffc0390482a22c (diff) | |
| download | dexon-e9b5e22ad121ef2251d1c72526c0994c03d2caf0.tar.gz dexon-e9b5e22ad121ef2251d1c72526c0994c03d2caf0.tar.zst dexon-e9b5e22ad121ef2251d1c72526c0994c03d2caf0.zip | |
rpc: limit chunked requests (#16343)
Diffstat (limited to 'rpc')
| -rw-r--r-- | rpc/http.go | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/rpc/http.go b/rpc/http.go index 9805d69b6..e8f51150f 100644 --- a/rpc/http.go +++ b/rpc/http.go @@ -169,7 +169,8 @@ func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { // All checks passed, create a codec that reads direct from the request body // untilEOF and writes the response to w and order the server to process a // single request. - codec := NewJSONCodec(&httpReadWriteNopCloser{r.Body, w}) + body := io.LimitReader(r.Body, maxRequestContentLength) + codec := NewJSONCodec(&httpReadWriteNopCloser{body, w}) defer codec.Close() w.Header().Set("content-type", contentType) |