wsgi should limit max body size of a request
Bug #1251313 reported by
Nikhil Komawar
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Glance |
Triaged
|
Wishlist
|
Unassigned |
Bug Description
Currently the wsgi server does not check for the size of the body in the request and it could result into someone uploading a really big image or infinite steam of data resulting into DOS attack or bringing down the service all together.
Changed in glance: | |
importance: | Undecided → Wishlist |
status: | New → Confirmed |
status: | Confirmed → Triaged |
tags: | removed: propose-close |
Changed in glance: | |
assignee: | nobody → jelly (coding1314) |
To post a comment you must log in.
I can't say for certain, but it seems like people would normally solve this problem at their load-balancer level.