summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2017-03-08 14:17:50 +0100
committerLinus Nordberg <linus@nordu.net>2017-03-08 14:17:50 +0100
commit221c6771035d7a3c1e0441a46248a44ca2e99077 (patch)
treeb82628c246ccbb9d147e0863b0903ef375103394
parenteec8813f52cf6ac3cdf8b40155f2fdc746056bbb (diff)
parent8579acaece04a06cd05fc628e8737abda3836330 (diff)
Merge branch 'CATLFISH-98'
-rw-r--r--NEWS.md5
-rw-r--r--src/catlfish_web.erl9
2 files changed, 12 insertions, 2 deletions
diff --git a/NEWS.md b/NEWS.md
index 52d2017..a330628 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -7,7 +7,10 @@
order for signing nodes to generate an SCT for it. This prevents a
rouge frontend node from sending out an SCT for an entry that will
never be merged. An effect of this is that the SCT cache is now
- mandatory and can not be disabled.
+ mandatory and can not be disabled (closes CATLFISH-28).
+
+- Allow HTTP POST body sizes up to 10MB, when sent in chunks up to 1MB
+ in size (closes CATLFISH-98).
## Bug fixes
diff --git a/src/catlfish_web.erl b/src/catlfish_web.erl
index 2ddd7ed..8cf3092 100644
--- a/src/catlfish_web.erl
+++ b/src/catlfish_web.erl
@@ -4,6 +4,9 @@
-module(catlfish_web).
-export([start/3, loop/2]).
+%% Max size of POST body, in octets.
+-define(MAX_RECV_BODY, 10*1024*1024). % 10MB.
+
start(Options, Module, Name) ->
lager:debug("Starting catlfish web server: ~p", [Module]),
Loop = fun (Req) ->
@@ -62,7 +65,7 @@ loop(Req, Module) ->
Req:respond(Result)
end;
'POST' ->
- Body = Req:recv_body(),
+ Body = Req:recv_body(?MAX_RECV_BODY),
Result = case http_auth:verify_auth(AuthHeader, "POST",
Path, Body) of
failure ->
@@ -91,6 +94,10 @@ loop(Req, Module) ->
Req:respond({501, [], []})
end
catch
+ exit:{body_too_large, What} ->
+ lager:info("HTTP POST body too large: ~p", [What]),
+ Req:respond({413, [{"Content-Type", "text/plain"}],
+ "Request Entity Too Large\n"});
Type:What ->
[CrashFunction | Stack] = erlang:get_stacktrace(),
lager:error("Crash in ~p for path ~p: ~p ~p~n~p~n~p~n",