diff options
author | Frédéric Guillot <fred@miniflux.net> | 2018-01-02 18:30:26 -0800 |
---|---|---|
committer | Frédéric Guillot <fred@miniflux.net> | 2018-01-02 18:30:26 -0800 |
commit | aae3d75490e5bddc7bae8d141d8e6f901c22fdd1 (patch) | |
tree | 227ed3e75da900d0823a664b134c6ca35bff9891 /http | |
parent | 5558c94a575f72f56983165c7dfd847a8e7ee59f (diff) |
Add body size limit
Diffstat (limited to 'http')
-rw-r--r-- | http/client.go | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/http/client.go b/http/client.go index df1cbab..9ca542a 100644 --- a/http/client.go +++ b/http/client.go @@ -22,6 +22,7 @@ import ( // Note: Some websites have a user agent filter. const userAgent = "Mozilla/5.0 (like Gecko, like Safari, like Chrome) - Miniflux <https://miniflux.net/>" const requestTimeout = 300 +const maxBodySize = 1024 * 1024 * 15 // Client is a HTTP Client :) type Client struct { @@ -80,6 +81,10 @@ func (c *Client) executeRequest(request *http.Request) (*Response, error) { return nil, err } + if resp.ContentLength > maxBodySize { + return nil, fmt.Errorf("client: response too large (%d bytes)", resp.ContentLength) + } + response := &Response{ Body: resp.Body, StatusCode: resp.StatusCode, @@ -89,10 +94,11 @@ func (c *Client) executeRequest(request *http.Request) (*Response, error) { ContentType: resp.Header.Get("Content-Type"), } - logger.Debug("[HttpClient:%s] OriginalURL=%s, StatusCode=%d, ETag=%s, LastModified=%s, EffectiveURL=%s", + logger.Debug("[HttpClient:%s] OriginalURL=%s, StatusCode=%d, ContentLength=%d, ETag=%s, LastModified=%s, EffectiveURL=%s", request.Method, c.url, response.StatusCode, + resp.ContentLength, response.ETag, response.LastModified, response.EffectiveURL, |