Descriptionhttp: add MaxBytesReader to limit request body size
This adds http.MaxBytesReader, similar to io.LimitReader,
but specific to http, and for preventing a class of DoS
attacks.
This also makes the 10MB ParseForm limit optional (if
not already set by a MaxBytesReader), documents it,
and also adds "PUT" as a valid verb for parsing forms
in the request body.
Improves issue 2093 (DoS protection)
Fixes issue 2165 (PUT form parsing)
Patch Set 1 #Patch Set 2 : diff -r f2958b0ad781 https://go.googlecode.com/hg/ #Patch Set 3 : diff -r f2958b0ad781 https://go.googlecode.com/hg/ #
Total comments: 26
Patch Set 4 : diff -r 131e9e06898f https://go.googlecode.com/hg/ #
Total comments: 2
Patch Set 5 : diff -r 131e9e06898f https://go.googlecode.com/hg/ #
Total comments: 3
MessagesTotal messages: 10
|