httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Querna <c...@force-elite.com>
Subject Re: svn commit: r723652 - in /httpd/httpd/branches/wombat-integration: include/httpd.h include/util_script.h server/util_script.c
Date Sun, 07 Dec 2008 05:47:52 GMT
Ruediger Pluem wrote:
>> +AP_DECLARE(apr_status_t) ap_body_to_table(request_rec *r, apr_table_t **table)
.....
> 
> I guess in the user of this function should advice the end user to
> carefully thing about setting LimitRequestBody. Otherwise this can
> be easily used for DoS.

Yes, I believe before 2.4.0/stable, we should replace this function with 
one powered by apreq, which has a more-streamy parser that handles much 
more without duplicating the entire body.

-Paul

Mime
View raw message