This commit is contained in:
yhirose 2019-04-10 12:21:42 -04:00
parent 8483e5931f
commit a91a0b7dbf
2 changed files with 18 additions and 1 deletions

View file

@ -85,6 +85,7 @@ typedef int socket_t;
*/ */
#define CPPHTTPLIB_KEEPALIVE_TIMEOUT_SECOND 5 #define CPPHTTPLIB_KEEPALIVE_TIMEOUT_SECOND 5
#define CPPHTTPLIB_KEEPALIVE_TIMEOUT_USECOND 0 #define CPPHTTPLIB_KEEPALIVE_TIMEOUT_USECOND 0
#define CPPHTTPLIB_REQUEST_URI_MAX_LENGTH 8192
namespace httplib namespace httplib
{ {
@ -430,6 +431,14 @@ public:
} }
} }
size_t size() const {
if (glowable_buffer_.empty()) {
return fixed_buffer_used_size_;
} else {
return glowable_buffer_.size();
}
}
bool getline() { bool getline() {
fixed_buffer_used_size_ = 0; fixed_buffer_used_size_ = 0;
glowable_buffer_.clear(); glowable_buffer_.clear();
@ -772,6 +781,7 @@ inline const char* status_message(int status)
case 400: return "Bad Request"; case 400: return "Bad Request";
case 403: return "Forbidden"; case 403: return "Forbidden";
case 404: return "Not Found"; case 404: return "Not Found";
case 414: return "Request-URI Too Long";
case 415: return "Unsupported Media Type"; case 415: return "Unsupported Media Type";
default: default:
case 500: return "Internal Server Error"; case 500: return "Internal Server Error";
@ -1921,6 +1931,13 @@ inline bool Server::process_request(Stream& strm, bool last_connection, bool& co
res.version = "HTTP/1.1"; res.version = "HTTP/1.1";
// Check if the request URI doesn't exceed the limit
if (reader.size() > CPPHTTPLIB_REQUEST_URI_MAX_LENGTH) {
res.status = 414;
write_response(strm, last_connection, req, res);
return true;
}
// Request line and headers // Request line and headers
if (!parse_request_line(reader.ptr(), req) || !detail::read_headers(strm, req.headers)) { if (!parse_request_line(reader.ptr(), req) || !detail::read_headers(strm, req.headers)) {
res.status = 400; res.status = 400;

View file

@ -757,7 +757,7 @@ TEST_F(ServerTest, LongQueryValue)
auto res = cli_.Get(LONG_QUERY_URL.c_str()); auto res = cli_.Get(LONG_QUERY_URL.c_str());
ASSERT_TRUE(res != nullptr); ASSERT_TRUE(res != nullptr);
EXPECT_EQ(200, res->status); EXPECT_EQ(414, res->status);
} }
TEST_F(ServerTest, TooLongHeader) TEST_F(ServerTest, TooLongHeader)