Stricter handling of request header size

This commit is contained in:
L. Kärkkäinen 2020-03-02 14:54:54 +02:00
parent 9baa2419cd
commit 50cca39185

View File

@ -91,8 +91,12 @@ class Http:
except Exception as e: except Exception as e:
# Write an error response # Write an error response
await self.error_response(e) await self.error_response(e)
# Exit and disconnect if finished # Exit and disconnect if no more requests can be taken
if self.stage is not Stage.IDLE or not self.keep_alive: if (
self.stage is not Stage.IDLE
or self.request_body
or not self.keep_alive
):
break break
# Wait for next request # Wait for next request
if not self.recv_buffer: if not self.recv_buffer:
@ -103,16 +107,15 @@ class Http:
# Receive until full header is in buffer # Receive until full header is in buffer
buf = self.recv_buffer buf = self.recv_buffer
pos = 0 pos = 0
while len(buf) < self.protocol.request_max_size: while True:
if buf:
pos = buf.find(b"\r\n\r\n", pos) pos = buf.find(b"\r\n\r\n", pos)
if pos >= 0: if pos != -1:
break break
pos = max(0, len(buf) - 3) pos = max(0, len(buf) - 3)
if pos >= self.request_max_size:
break
await self._receive_more() await self._receive_more()
if self.stage is Stage.IDLE: if pos >= self.request_max_size:
self.stage = Stage.REQUEST
else:
raise PayloadTooLarge("Payload Too Large") raise PayloadTooLarge("Payload Too Large")
# Parse header content # Parse header content
try: try: