[Zope-Checkins] CVS: Packages/Zope/Startup - handlers.py:1.6.2.15
zopeschema.xml:1.7.2.17
Andreas Jung
andreas at andreas-jung.com
Sat Nov 27 03:24:59 EST 2004
Update of /cvs-repository/Packages/Zope/Startup
In directory cvs.zope.org:/tmp/cvs-serv21239/lib/python/Zope/Startup
Modified Files:
Tag: Zope-2_7-branch
handlers.py zopeschema.xml
Log Message:
- Collector #1003: added new 'http-header-max-length' directive
to zope.conf to specific the maximum length of a HTTP request
header before it is considered as a possible DoS attack and
discarded.
=== Packages/Zope/Startup/handlers.py 1.6.2.14 => 1.6.2.15 ===
--- Packages/Zope/Startup/handlers.py:1.6.2.14 Fri Nov 26 07:07:24 2004
+++ Packages/Zope/Startup/handlers.py Sat Nov 27 03:24:29 2004
@@ -113,11 +113,12 @@
import ZServer
ZServer.CONNECTION_LIMIT = value
-
def cgi_maxlen(value):
import cgi
cgi.maxlen = value
+def http_header_max_length(value):
+ return value
# server handlers
=== Packages/Zope/Startup/zopeschema.xml 1.7.2.16 => 1.7.2.17 ===
--- Packages/Zope/Startup/zopeschema.xml:1.7.2.16 Fri Nov 26 07:07:24 2004
+++ Packages/Zope/Startup/zopeschema.xml Sat Nov 27 03:24:29 2004
@@ -538,6 +538,12 @@
</description>
</key>
+ <key name="http-header-max-length" default="8192" handler="http_header_max_length" datatype="integer">
+ <description>
+ Maximum size of received HTTP header being processed by Zope
+ </description>
+ </key>
+
<key name="automatically-quote-dtml-request-data" datatype="boolean"
default="on" handler="automatically_quote_dtml_request_data">
<description>
More information about the Zope-Checkins
mailing list