> > On 09/02/2011 02:05 PM, Roberto De Ioris wrote: >>> Seems setting post-buffering was the trick. >>> >>> <post-buffering>8192</post-buffering> >> >> Should not be needed in latest release, i will investigate on this >> >> Is this a custom webob-based app or a pylons one ? >> >> > Pyramid 1.1 > _______________________________________________ >
The situation is a bit messy, first of all the new webob feature (check_disconnection) will require our readline() implementation to read the full body if it does not contain a good amount of '\n'. Even if it is perfectly legal (this is how python readline() works) this will be a security flaw for uWSGI as a malicious upload could allocate a big amount of memory (this could happen even for read() but users/developers have become more smart with this). Enabling --post-buffering will map the request body to a file, using the native python readline(), making webob happy. Another strange thing is that even if i enable --post-buffering during an upload and i do not call req.body but only req.POST i receive the same error generated by check_disconnection. I think it is better for me to talk about it with Ian Bicking, he could point me to some better solution/explanation. -- Roberto De Ioris http://unbit.it _______________________________________________ uWSGI mailing list [email protected] http://lists.unbit.it/cgi-bin/mailman/listinfo/uwsgi
