You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There should be an optional read limit for reading the response body - otherwise a website could literally respond with GBs of data.
The problem was already raised (and incorrectly dismissed) in 2013 with issue #28. The solution is NOT to check first the content-length header, which may be incorrect and arbitrary.
The solution is to use an io.LimitReader if a read limit is defined. I'm going to create a pull request which implements that.
The text was updated successfully, but these errors were encountered:
There should be an optional read limit for reading the response body - otherwise a website could literally respond with GBs of data.
The problem was already raised (and incorrectly dismissed) in 2013 with issue #28. The solution is NOT to check first the content-length header, which may be incorrect and arbitrary.
The solution is to use an
io.LimitReaderif a read limit is defined. I'm going to create a pull request which implements that.The text was updated successfully, but these errors were encountered: