Hi,
acoording to the following code, ap_http_filter does not check the body
limit of proxied requests :
/* LimitRequestBody does not apply to proxied responses.
* Consider implementing this check in its own filter.
* Would adding a directive to limit the size of proxied
* responses be useful?
*/
if (!f->r->proxyreq) {
ctx->limit = ap_get_limit_req_body(f->r);
}
else {
ctx->limit = 0;
}
The comment states that it does not apply to proxied response but in fact
it does not for anything proxied.
I admit it can hardly apply to PROXYREQ_RESPONSE or PROXYREQ_PROXY (albeit,
with a separate directive), but shouldn't the limit also be checked against
the reverse-proxied requests ?
Like :
/* LimitRequestBody does not apply to proxied responses.
* Consider implementing this check in its own filter.
* Would adding a directive to limit the size of proxied
* responses be useful?
*/
if (!f->r->proxyreq || f->r->proxyreq == PROXYREQ_REVERSE) {
ctx->limit = ap_get_limit_req_body(f->r);
}
else {
ctx->limit = 0;
}
Regards,
Yann.
