oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-08-11 17:50:59 +00:00
Code Wiki Activity

fix: Respond with HTTP code 413, when request size is too big

Browse source
This commit is contained in:
Jakub Pieńkowski 2025-07-04 16:16:44 +00:00 committed by Matthias Ahouansou
parent a8fa237fad
commit a87f4b6171
4 changed files with 19 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Cargo.lock generated
View file

@ -510,6 +510,7 @@ dependencies = [
"hickory-resolver", "hickory-resolver",
"hmac", "hmac",
"http", "http",
"http-body-util",
"humantime", "humantime",
"humantime-serde", "humantime-serde",
"hyper", "hyper",

2
Cargo.toml
View file

@ -152,6 +152,8 @@ tikv-jemallocator = { version = "0.6", features = [
], optional = true } ], optional = true }
sd-notify = { version = "0.4", optional = true } sd-notify = { version = "0.4", optional = true }
# Used for inspecting request errors
http-body-util = "0.1.3"
# Used for matrix spec type definitions and helpers # Used for matrix spec type definitions and helpers
[dependencies.ruma] [dependencies.ruma]

19
src/api/ruma_wrapper/axum.rs
View file

@ -1,10 +1,10 @@
use std::{collections::BTreeMap, iter::FromIterator, str}; use std::{collections::BTreeMap, error::Error as _, iter::FromIterator, str};
use axum::{ use axum::{
body::Body, body::Body,
extract::{FromRequest, Path}, extract::{FromRequest, Path},
response::{IntoResponse, Response}, response::{IntoResponse, Response},
RequestExt, RequestPartsExt, RequestPartsExt,
}; };
use axum_extra::{ use axum_extra::{
headers::{authorization::Bearer, Authorization}, headers::{authorization::Bearer, Authorization},
@ -48,8 +48,7 @@ where
} }
let (mut parts, mut body) = { let (mut parts, mut body) = {
let limited_req = req.with_limited_body(); let (parts, body) = req.into_parts();
let (parts, body) = limited_req.into_parts();
let body = axum::body::to_bytes( let body = axum::body::to_bytes(
body, body,
services() services()
@ -59,7 +58,17 @@ where
.unwrap_or(usize::MAX), .unwrap_or(usize::MAX),
) )
.await .await
.map_err(|_| Error::BadRequest(ErrorKind::MissingToken, "Missing token."))?; .map_err(|err| {
if err
.source()
.is_some_and(|err| err.is::<http_body_util::LengthLimitError>())
{
Error::BadRequest(ErrorKind::TooLarge, "Reached maximum request size")
} else {
error!("An unknown error has occurred: {err}");
Error::BadRequest(ErrorKind::Unknown, "An unknown error has occurred")
}
})?;
(parts, body) (parts, body)
}; };

10
src/main.rs
View file

@ -2,7 +2,7 @@ use std::{future::Future, io, net::SocketAddr, sync::atomic, time::Duration};
use axum::{ use axum::{
body::Body, body::Body,
extract::{DefaultBodyLimit, FromRequestParts, MatchedPath}, extract::{FromRequestParts, MatchedPath},
middleware::map_response, middleware::map_response,
response::{IntoResponse, Response}, response::{IntoResponse, Response},
routing::{any, get, on, MethodFilter}, routing::{any, get, on, MethodFilter},
@ -240,13 +240,7 @@ async fn run_server() -> io::Result<()> {
]) ])
.max_age(Duration::from_secs(86400)), .max_age(Duration::from_secs(86400)),
) )
.layer(map_response(set_csp_header)) .layer(map_response(set_csp_header));
.layer(DefaultBodyLimit::max(
config
.max_request_size
.try_into()
.expect("failed to convert max request size"),
));
let app = routes(config).layer(middlewares).into_make_service(); let app = routes(config).layer(middlewares).into_make_service();
let handle = ServerHandle::new(); let handle = ServerHandle::new();