Is it possible to enforce a max upload size in Plack::Middleware without reading the entire body of the request?
Asked Answered
N

1

9

I've just converted a PageKit (mod_perl) application to Plack. This means that I now need some way to enforce the POST_MAX/MAX_BODY that Apache2::Request would have previously handled. The easiest way to do this would probably be just to put nginx in front of the app, but the app is already sitting behind HAProxy and I don't see how to do this with HAProxy.

So, my question is how I might go about enforcing a maximum body size in Plack::Middleware without reading the entire body of the request first?

Specifically I'm concerned with file uploads. Checking size via Plack::Request::Upload is too late, since the entire body would have been read at this point. The app will be deployed via Starman, so psgix.streaming should be true.

Nowise answered 17/12, 2014 at 15:50 Comment(0)
N
3

I got a response from Tatsuhiko Miyagawa via Twitter. He says, "if you deploy with Starman it's too late even with the middleware because the buffering is on. I'd do it with nginx".

This answers my particular question as I'm dealing with a Starman deployment.

He also noted that "rejecting a bigger upload before reading it on the backend could cause issues in general"

Nowise answered 17/12, 2014 at 16:48 Comment(2)
Perhaps not as many problems as allowed the uploads of unlimited size. Surely this can't be the optimal solution?Grimsby
For me it's the easiest one. The app sits behind nginx, which enforces the max_upload size, so it's no longer the app's problem to deal with. I had wondered if you could enforce it at the application level so that I could test the max_upload size without getting a web server involved, but I'm fine with setting it up this way.Nowise

© 2022 - 2024 — McMap. All rights reserved.