Limiting API request size
pboguslawski opened this issue · comments
Paweł Bogusławski commented
Didn't find any config param nor hard-coded values to limit CFSSL's API request header and body sizes.
Consider configurable (better probably) or hard-coded limits for both elements (to prevent clients from accidentally or maliciously sending a large request and wasting server resources) using i.e.
- MaxHeaderBytes for headers,
Content-Length
and MaxBytesReader for body.