1172Re: [soaplite] Re: $My::SOAP::Transport::CGI::POST_MAX = 100 * 1024
- Jan 21, 2002Thinking about this a bit more, I'm not sure of the usefulness of
checking content-length at this stage - it may be too late.
What's the motivation? To stop deliberate attempts to overload/crash
the SOAP application? By the time the CGI application runs, the http
server has probably read all the request anyway. Maybe it's the http
server which needs to have limit applied?
However I notice that CGI.pm has a similar idea, $CGI::POST_MAX,
so perhaps it's a sound idea.
On 2002-01-21 Paul Kulchenko <paulclinger@...> wrote:
>--- aaron_of_montreal <aaron_of_montreal@...> wrote:
>> That's what I thought, originally, but decided to err on the side
>> of paranoia :
>> "The Content-length header specifies the length of the data (in
>> that is returned by the client-specified URL. Due to the dynamic
>> nature of some requests, the Content-length is sometimes unknown,
>> and this header might be omitted." 
>>From the context it seems like this text applies to server side,
>rather than to client side, so Duncan's code should be sufficient in
>most if not all cases.
>The only problem that I currently have is whether I should return
>HTTP error (for example: "413 Request Entity Too Large") or SOAP
>fault. I can also generate "411 Length Required" when there is no
>Best wishes, Paul.
- << Previous post in topic Next post in topic >>