On Thu, Jan 9, 2014 at 10:56 AM, Shane Maloney <[email protected]>wrote:
> Just a quick question on the 5.0 release, > > > - POST and Websocket data are now buffered, and cannot be huge > > when you say "huge" what are you talking about? To be specific I want to > send a few 100k of data in a single websocket message. > Hi Shane, For POST and Websocket requests handled by user callback, mongoose buffers the whole payload prior to invoking callback. It does it by calling malloc(). If malloc() fails, then mongoose reports error. Thus the meaning of "huge" depends on how much memory your system has. For example, on my laptop POST of few hundreds of megabytes are served fine. So, on usual environments, few hundred kilobytes is totally OK. It would be possible to attack a server by deliberately sending big POST requests. That of course can be said about any other server. Anyway, there is an extra level of protection: a compile time option -DUSE_POST_SIZE_LIMIT documented at http://cesanta.com/#docs,Embed.md . When set, it makes mongoose to reject all POST or Websocket requests that are larger then specified threshold. Note that limitation is only for embedded case, it doesn't apply to CGI. Example of setting up the limit: cc my_app.c mongoose.c -DUSE_POST_SIZE_LIMIT=999999 -- You received this message because you are subscribed to the Google Groups "mongoose-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/mongoose-users. For more options, visit https://groups.google.com/groups/opt_out.
