diff --git a/docs/manual/mod/core.html.en b/docs/manual/mod/core.html.en index e1ec8d0..833fa7b 100644 --- a/docs/manual/mod/core.html.en +++ b/docs/manual/mod/core.html.en @@ -2748,16 +2748,16 @@ subrequests Description:Restricts the total size of the HTTP request body sent from the client Syntax:LimitRequestBody bytes -Default:LimitRequestBody 0 +Default:LimitRequestBody 1073741824 Context:server config, virtual host, directory, .htaccess Override:All Status:Core Module:core +Compatibility:In Apache HTTP Server 2.4.53 and earlier, the default value + was 0 (unlimited) -

This directive specifies the number of bytes from 0 - (meaning unlimited) to 2147483647 (2GB) that are allowed in a - request body. See the note below for the limited applicability - to proxy requests.

+

This directive specifies the number of bytes + that are allowed in a request body. A value of 0 means unlimited.

The LimitRequestBody directive allows the user to set a limit on the allowed size of an HTTP request @@ -2783,12 +2783,6 @@ from the client

LimitRequestBody 102400
- -

For a full description of how this directive is interpreted by - proxy requests, see the mod_proxy documentation.

-
- -
top

LimitRequestFields Directive

diff --git a/docs/manual/mod/mod_proxy.html.en b/docs/manual/mod/mod_proxy.html.en index 2cc6ace..c9e4634 100644 --- a/docs/manual/mod/mod_proxy.html.en +++ b/docs/manual/mod/mod_proxy.html.en @@ -459,9 +459,6 @@ ProxyPass "/examples" "http://backend.example.com/examples" timeout=10 Content-Length header, but the server is configured to filter incoming request bodies.

-

LimitRequestBody only applies to - request bodies that the server will spool to disk

-
top

Reverse Proxy Request Headers

diff --git a/modules/http/http_filters.c b/modules/http/http_filters.c index 6bedcac..393343a 100644 --- a/modules/http/http_filters.c +++ b/modules/http/http_filters.c @@ -1710,6 +1710,7 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy) { const char *tenc = apr_table_get(r->headers_in, "Transfer-Encoding"); const char *lenp = apr_table_get(r->headers_in, "Content-Length"); + apr_off_t limit_req_body = ap_get_limit_req_body(r); r->read_body = read_policy; r->read_chunked = 0; @@ -1748,6 +1749,11 @@ AP_DECLARE(int) ap_setup_client_block(request_rec *r, int read_policy) return HTTP_REQUEST_ENTITY_TOO_LARGE; } + if (limit_req_body > 0 && (r->remaining > limit_req_body)) { + /* will be logged when the body is discarded */ + return HTTP_REQUEST_ENTITY_TOO_LARGE; + } + #ifdef AP_DEBUG { /* Make sure ap_getline() didn't leave any droppings. */ diff --git a/server/core.c b/server/core.c index a0bfaad..6556f20 100644 --- a/server/core.c +++ b/server/core.c @@ -65,7 +65,7 @@ /* LimitRequestBody handling */ #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) -#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) +#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */ /* LimitXMLRequestBody handling */ #define AP_LIMIT_UNSET ((long) -1)