You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is actually a critical vulnerability, good catch! in addition to content length and type checking we should probably set a timeout and close the connection if its still downloading after it, to prevent malicious attempts to overload the bot by creating a server that falsely reports content length and type
Hello,
Pasting a link to a stream or to abig file eats up the server memory, eventually leading to an OOM situation.
Looking at the web.py and url.py modules, i currently don't know about a fix, but will look a little bit into it. Do you have an idea ?
Maybe we can do an HEAD request looking for content-length/content-type fields..
Cheers
The text was updated successfully, but these errors were encountered: