https://bz.apache.org/bugzilla/show_bug.cgi?id=64866
--- Comment #3 from Ruediger Pluem <[email protected]> --- A little bit of a background: RFC 7230 which supersedes RFC 2616 defines no maximum number that can be specified in the content-length field (3.3.2), but in 9.3. it recommends to reject too large payloads (RFC 7231, 6.5.11) in order to avoid attacks. The clength field in the request_rec struct has been of type long / apr_off_t for about 20 years. Hence it is sensible for httpd to reject larger content lengthes. The type of the field could be changed, but not for stable versions. Hence this is not an option for 2.4.x. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
