No, according to my reading of the code, a value of 0 will
almost
definitely result in a "premature closure" and
possibly other unusual
behavior, regardless of the response, as the request will be
returned
before the request has been fully read. Not to mention the
possibility of a request being misinterpreted due to the
request not
being completely read (variables will be missing, etc). I
don't
believe that this value is meant to be a means of limiting
the types
of request (that's handled elsewhere, iirc), but as a means
to
prevent a DOS or something like that.
Either way, I think it's a much better policy to not process
the
request (and log the error in the access log) when these
limits are
crossed. That _should_ be the behavior following the changes
I made,
even if the browser doesn't display that:
localhost - - [16/Aug/2007:20:50:17 -0400] "POST
/fup.pike HTTP/1.1"
413 37 "http://localho
st:801/upload.html" "unknown"
Bill
On Aug 16, 2007, at 9:16 PM, Martin Bähr wrote:
> On Thu, Aug 16, 2007 at 11:17:58PM +0000, Bill Welliver
wrote:
>> modify the help for maximum post body size.
>> anyone care to comment on the usefulness of 0 (a
value of 0
>> ignores the body)?
> well, it is more useful than eg 1byte.
> if you don't want to allow POST or PUT requests, then
setting 0 here
> makes sense. otherwise the question would be, what is
the minimum body
> size that should be allowed? and if 1byte is allowed,
then why not 0?
>
> greetings, martin.
|
