diff options
author | Jonathan Buchanan <jonathan.russ.buchanan@gmail.com> | 2020-06-29 15:30:11 -0400 |
---|---|---|
committer | Jonathan Buchanan <jonathan.russ.buchanan@gmail.com> | 2020-06-29 15:30:11 -0400 |
commit | c8b6ad8abd3a9bd2491262fc9cb881b9b491969d (patch) | |
tree | d8f382bf0c8445d5a40273843c907aab91e2264b | |
parent | b637514b36e6c0f44505fca510f3033b85c932ff (diff) | |
download | merchant-c8b6ad8abd3a9bd2491262fc9cb881b9b491969d.tar.gz merchant-c8b6ad8abd3a9bd2491262fc9cb881b9b491969d.tar.bz2 merchant-c8b6ad8abd3a9bd2491262fc9cb881b9b491969d.zip |
filler max_upload values for all POST/PATCH handlers
-rw-r--r-- | src/backend/taler-merchant-httpd.c | 59 |
1 files changed, 48 insertions, 11 deletions
diff --git a/src/backend/taler-merchant-httpd.c b/src/backend/taler-merchant-httpd.c index 488e45b9..b60eec4f 100644 --- a/src/backend/taler-merchant-httpd.c +++ b/src/backend/taler-merchant-httpd.c @@ -782,14 +782,24 @@ url_handler (void *cls, { .url_prefix = "/", .method = MHD_HTTP_METHOD_PATCH, - .handler = &TMH_private_patch_instances_ID + .handler = &TMH_private_patch_instances_ID, + /* allow instance data of up to 8 MB, that should be plenty; + note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB) + would require further changes to the allocation logic + in the code... */ + .max_upload = 1024 * 1024 * 8 }, /* POST /instances: */ { .url_prefix = "/instances", .method = MHD_HTTP_METHOD_POST, .skip_instance = true, - .handler = &TMH_private_post_instances + .handler = &TMH_private_post_instances, + /* allow instance data of up to 8 MB, that should be plenty; + note that exceeding #GNUNET_MAX_MALLOC_CHECKED (40 MB) + would require further changes to the allocation logic + in the code... */ + .max_upload = 1024 * 1024 * 8 }, /* GET /products: */ { @@ -840,7 +850,10 @@ url_handler (void *cls, .url_suffix = "lock", .method = MHD_HTTP_METHOD_POST, .have_id_segment = true, - .handler = &TMH_private_post_products_ID_lock + .handler = &TMH_private_post_products_ID_lock, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* POST /orders: */ { @@ -872,7 +885,10 @@ url_handler (void *cls, .url_suffix = "refund", .method = MHD_HTTP_METHOD_POST, .have_id_segment = true, - .handler = &TMH_private_post_orders_ID_refund + .handler = &TMH_private_post_orders_ID_refund, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* DELETE /orders/$ID: */ { @@ -885,7 +901,10 @@ url_handler (void *cls, { .url_prefix = "/reserves", .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_private_post_reserves + .handler = &TMH_private_post_reserves, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* DELETE /reserves/$ID: */ { @@ -900,13 +919,19 @@ url_handler (void *cls, .url_suffix = "authorize-tip", .have_id_segment = true, .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_private_post_reserves_ID_authorize_tip + .handler = &TMH_private_post_reserves_ID_authorize_tip, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* POST /tips: */ { .url_prefix = "/tips", .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_private_post_tips + .handler = &TMH_private_post_tips, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* GET /tips: */ { @@ -938,7 +963,10 @@ url_handler (void *cls, { .url_prefix = "/transfers", .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_private_post_transfers + .handler = &TMH_private_post_transfers, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* GET /transfers: */ { @@ -980,7 +1008,10 @@ url_handler (void *cls, .have_id_segment = true, .url_suffix = "abort", .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_post_orders_ID_abort + .handler = &TMH_post_orders_ID_abort, + /* wallet may give us many coins to sign, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* POST /orders/$ID/claim: */ { @@ -988,7 +1019,10 @@ url_handler (void *cls, .have_id_segment = true, .url_suffix = "claim", .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_post_orders_ID_claim + .handler = &TMH_post_orders_ID_claim, + /* the body should be pretty small, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* POST /orders/$ID/pay: */ { @@ -996,7 +1030,10 @@ url_handler (void *cls, .have_id_segment = true, .url_suffix = "pay", .method = MHD_HTTP_METHOD_POST, - .handler = &TMH_post_orders_ID_pay + .handler = &TMH_post_orders_ID_pay, + /* wallet may give us many coins to sign, allow 1 MB of upload + to set a conservative bound for sane wallets */ + .max_upload = 1024 * 1024 }, /* GET /orders/$ID: */ { |