From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <e@80x24.org>
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on dcvr.yhbt.net
X-Spam-Level: 
X-Spam-ASN: 
X-Spam-Status: No, score=-2.9 required=3.0 tests=ALL_TRUSTED,AWL,BAYES_00
 shortcircuit=no autolearn=unavailable version=3.3.2
X-Original-To: meta@public-inbox.org
Received: from localhost (dcvr.yhbt.net [127.0.0.1]) by dcvr.yhbt.net
 (Postfix) with ESMTP id D8BB263381F for <meta@public-inbox.org>; Sun,  6 Mar
 2016 02:09:28 +0000 (UTC)
From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: [PATCH 0/3] http: some DoS prevention
Date: Sun,  6 Mar 2016 02:09:19 +0000
Message-Id: <1457230162-10960-1-git-send-email-e@80x24.org>
List-Id: <meta@public-inbox.org>

Since public-inbox-httpd is may face untrusted clients directly
without a reverse proxy like haproxy/nginx; we should have some
basic protection to avoid DoS attacks involving excessive
resource use.

Eric Wong (3):
      http: reject excessive headers
      http: ensure errors are printable before PSGI env
      http: reject excessively large HTTP request bodies

 lib/PublicInbox/HTTP.pm | 23 ++++++++++++++++++++---
 t/httpd-corner.t        | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+), 3 deletions(-)