Thanks! This is somehow related to ticket https://twistedmatrix.com/trac/ticket/288 , where things are complicated.
I am worried about malicious HTTP clients sending huge data which ends in memory. My previous example is bad since curl will truncate cookies at 8K. I checked the code deep and twisted.protocols.basic.LineRecever has a default line size of 16384. Together with the default headers count, this gives a default limit of about 7.8MB. I have created a ticket and we can continue there: https://twistedmatrix.com/trac/ticket/6927 Thanks! On 22 January 2014 14:48, Laurens Van Houtven <_...@lvh.io> wrote: > Hi Adi, > > I'm assuming this is somewhat related to > http://homakov.blogspot.be/2014/01/cookie-bomb-or-lets-break-internet.html:) > > I don't know of any mechanisms to limit cookie size. It's probably a good > feature to have, and perhaps even enable by default. > > cheers > lvh > > _______________________________________________ > Twisted-Python mailing list > Twisted-Python@twistedmatrix.com > http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python > > -- Adi Roiban
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python