jabal
Reputation: 12367
Protecting Java webapp (using JAX-RS) against too big HTTP requests
I have a JAX-RS 1.1 resource FooBar that has a method which accepts a String POST parameter as follows
@Path("/foobar")
public class FooBar {
@POST
public void doSomething(@FormParam("name") String name) {
//...
}
}
Is it possible to protect this from being called if name is longer than a specified maximum? I wonder what it does if the name is of size 1GB?
Upvotes: 1
Views: 1095
Answers (2)
Visionary Software Solutions
Reputation: 3848
Typically you would use a filter. Here's an example in Grails, and one in Ruby. Here's a tutorial that would show how to do this in Jersey.
Upvotes: 1
Anton
Reputation: 6061
Usually, you can configure maximum size of post request on ServletContainer. For example, Tomcat has maxPostSize setting in httpConnector directive. By default it's 2 mb or so in Tomcat.
Upvotes: 2
Related Questions
- how to protect xml requests on a jersey server?
- Securing REST services in Jersey
- How to prevent DDoS attack with Jax-RS?
- Limiting the maximum request size in Tomcat
- Preventing the Jersey client from causing an outofmemory error when posting large files
- Securing a jersey RESTful web service
- Securing RESTful webservices (Jersey on Tomcat)
- Best way to restrict access Java EE RESTFul APIs
- RESTful web services - for large requests
- Webservice protection against big messages