zefie/minisrv
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

yet another potential DoS fix

Browse Source
This commit is contained in:
zefie
2024-05-04 12:14:06 -04:00
parent 59eeda7367
commit ae93620b7a
2 changed files with 111 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
zefie_wtvp_minisrv/app.js
View File

@@ -1683,8 +1683,12 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
socket_sessions[socket.id].headers = headers;
}
} else if (socket.ssid) {
try {
// handle streaming POST
if (socket_sessions[socket.id].expecting_post_data && headers) {
if (socket_sessions[socket.id].post_data_length > (minisrv_config.config.max_post_length * 1024 * 1024)) {
closeSocket(socket);
} else {
socket_sessions[socket.id].headers = headers;
if (socket_sessions[socket.id].post_data.length < (socket_sessions[socket.id].post_data_length * 2)) {
new_header_obj = null;
@@ -1747,6 +1751,7 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
sendToClient(socket, headers, data);
return;
}
}
} else if (!skipSecure) {
if (!encryptedRequest) {
if (socket_sessions[socket.id].secure != true) {
@@ -1809,6 +1814,9 @@ async function processRequest(socket, data_hex, skipSecure = false, encryptedReq
} else {
cleanupSocket(socket);
}
} catch (e) {
cleanupSocket(socket);
}
} else {
cleanupSocket(socket);
}

1
zefie_wtvp_minisrv/includes/config.json
View File

@@ -46,6 +46,7 @@
"enable_port_isolation": true, // Only respond to services on their correct ports
"allow_guests": true, // Allow users to experience the server without registering
"domain_name": "wtv.zefie.com", // For usenet and future stuff, no need to change just yet,
"max_post_length": 20, // in megabytes
"user_accounts": { // user account settings
"max_users_per_account": 6, // Max total users (including primary) per account
"min_username_length": 5, // minimum username length