httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch>
Subject Re: DoS with mod_deflate & range requests
Date Wed, 24 Aug 2011 06:38:24 GMT
On Wednesday 24 August 2011, Roy T. Fielding wrote:
> My suggestion is to reject any request with overlapping ranges or
> more than five ranges with a 416, and to send 200 for any request
> with 4-5 ranges.  There is simply no need to support random access
> in HTTP.

Even with WebDAV?

BTW, I think Adobe reader does range requests to download single pages 
from a pdf. It would be interesting to see what kind of requests it 
does, but I don't have it installed right now.

View raw message