couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject [26/50] [abbrv] couchdb commit: updated refs/heads/2041-update-ibrowse to 948e7d9
Date Fri, 07 Mar 2014 00:18:09 GMT
Allow optional max_uri_length server setting


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/f7ca266b
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/f7ca266b
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/f7ca266b

Branch: refs/heads/2041-update-ibrowse
Commit: f7ca266b41a6fb8dd8e8167b8c8d44df00a1907f
Parents: 3ce13c5
Author: Robert Newson <rnewson@apache.org>
Authored: Mon Feb 17 13:30:52 2014 +0000
Committer: Robert Newson <rnewson@apache.org>
Committed: Mon Feb 17 21:53:27 2014 +0000

----------------------------------------------------------------------
 etc/couchdb/default.ini.tpl.in |  2 ++
 src/couchdb/couch_httpd.erl    | 18 ++++++++++++++++++
 2 files changed, 20 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/f7ca266b/etc/couchdb/default.ini.tpl.in
----------------------------------------------------------------------
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in
index 3267001..fd953c2 100644
--- a/etc/couchdb/default.ini.tpl.in
+++ b/etc/couchdb/default.ini.tpl.in
@@ -52,6 +52,8 @@ allow_jsonp = false
 ;socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}]
 log_max_chunk_size = 1000000
 enable_cors = false
+; CouchDB can optionally enforce a maximum uri length;
+; max_uri_length = 8000
 
 [ssl]
 port = 6984

http://git-wip-us.apache.org/repos/asf/couchdb/blob/f7ca266b/src/couchdb/couch_httpd.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
index f00fdd0..7ee3e3a 100644
--- a/src/couchdb/couch_httpd.erl
+++ b/src/couchdb/couch_httpd.erl
@@ -310,6 +310,7 @@ handle_request_int(MochiReq, DefaultFun,
 
     {ok, Resp} =
     try
+        check_request_uri_length(RawUri),
         case couch_httpd_cors:is_preflight_request(HttpReq) of
         #httpd{} ->
             case authenticate_request(HttpReq, AuthHandlers) of
@@ -343,6 +344,8 @@ handle_request_int(MochiReq, DefaultFun,
             send_error(HttpReq, {bad_otp_release, ErrorReason});
         exit:{body_too_large, _} ->
             send_error(HttpReq, request_entity_too_large);
+        exit:{uri_too_long, _} ->
+            send_error(HttpReq, request_uri_too_long);
         throw:Error ->
             Stack = erlang:get_stacktrace(),
             ?LOG_DEBUG("Minor error in HTTP request: ~p",[Error]),
@@ -369,6 +372,19 @@ handle_request_int(MochiReq, DefaultFun,
     couch_stats_collector:increment({httpd, requests}),
     {ok, Resp}.
 
+check_request_uri_length(Uri) ->
+    check_request_uri_length(Uri, couch_config:get("httpd", "max_uri_length")).
+
+check_request_uri_length(_Uri, undefined) ->
+    ok;
+check_request_uri_length(Uri, MaxUriLen) when is_list(MaxUriLen) ->
+    case length(Uri) > list_to_integer(MaxUriLen) of
+        true ->
+            throw(request_uri_too_long);
+        false ->
+            ok
+    end.
+
 % Try authentication handlers in order until one sets a user_ctx
 % the auth funs also have the option of returning a response
 % move this to couch_httpd_auth?
@@ -826,6 +842,8 @@ error_info(file_exists) ->
         "created, the file already exists.">>};
 error_info(request_entity_too_large) ->
     {413, <<"too_large">>, <<"the request entity is too large">>};
+error_info(request_uri_too_long) ->
+    {414, <<"too_long">>, <<"the request entity is too long">>};
 error_info({bad_ctype, Reason}) ->
     {415, <<"bad_content_type">>, Reason};
 error_info(requested_range_not_satisfiable) ->


Mime
View raw message