c# - Validate content-length before model binding ASP.NET Web Api -

-

i wondering how can validate content-length before request body read model binder in asp.net web api.

i can in action it's waste of resources because stream has been read?

var contentlength = request.content.headers.contentlength; if (contentlength > 1024*1024*20) {      throw new httpresponseexception(httpstatuscode.requestentitytoolarge); }

is ok in action filter?

if using owin hosting api, , want globally apply restriction requests, make check in simple owin middleware executed before web api in owin pipeline:

app.use(async (c, n) => {     var request = c.request;      if (request != null)     {         string[] headervalues;         if (request.headers.trygetvalue("content-length", out headervalues))         {             var lengthvalue = headervalues.first();             if (convert.toint64(lengthvalue) > 1024 * 1024 * 20)             {                 c.response.statuscode = (int)httpstatuscode.requestentitytoolarge;                 return;             }         }     }      await n.invoke(); });  //app.usewebapi(..)

[edit]

if need restrict content-length in more fine graded fashion, best option create authorizationfilter executed before model binding in web api pipeline, opposed generic actionfilter.

something should work:

public class maxcontentlengthattribute : authorizationfilterattribute {     private readonly long _maxcontenttype;      public maxcontentlengthattribute(long maxcontenttype)     {         _maxcontenttype = maxcontenttype;     }      public override void onauthorization(httpactioncontext actioncontext)     {         var contentlength = actioncontext.request.content.headers.contentlength;         if (contentlength.hasvalue && contentlength.value > _maxcontenttype)         {             actioncontext.response = actioncontext.request.createresponse(httpstatuscode.requestentitytoolarge);         }     } }

and in controller:

[maxcontentlength(1024*1024*20)] public void post([frombody]foo value) {     dowork(value); }

this way can respond request before content read model-binder.


Comments

Post a Comment

Popular posts from this blog

python - Setting ctypes.Structure default values -

-
this doesn't work: class ifinfomsg(ctypes.structure): _fields_ = [ ('ifi_family', ctypes.c_ubyte), ('__ifi_pad', ctypes.c_ubyte), ('ifi_type', ctypes.c_ushort), ('ifi_index', ctypes.c_int), ('ifi_flags', ctypes.c_uint), ('ifi_change', ctypes.c_uint(0xffffffff)) ] it errors with: file "rtnetlink.py", line 243, in <module> class ifinfomsg(ctypes.structure): typeerror: error when calling metaclass bases second item in _fields_ tuple (index 5) must c type however can set values in __init__() : class ifinfomsg(ctypes.structure): _fields_ = [ ('ifi_family', ctypes.c_ubyte), ('__ifi_pad', ctypes.c_ubyte), ('ifi_type', ctypes.c_ushort), ('ifi_index', ctypes.c_int)...
Read more

SoapUI on windows 10 - high DPI/4K scaling issue -

-
Image
soapui doesn't seem dpi-aware , displays small on high dpi screen (tiny text , buttons). other applications running fine (screen resolution 3840 x 2160). version : soapui 5.1.2 os : windows 10 i have tried: configure soapui run "disable display scaling on high dpi settings" - parts of soapui looking bigger , don't display (image) changing resolution changing font size (preferences > editor settings > select font...) therefore assume, soapui pretends dpi-aware, not scale itself. have same issue? this workaround until developers round making version dpi-aware. step 1: add registry key hkey_local_machine\software\microsoft\windows\currentversion\sidebyside\preferexternalmanifest (dword) 1 step 2: add manifest file 'soapui-5.2.1.exe.manifest' in same directory 'soapui-5.2.1.exe' content of manifest file: <?xml version="1.0" encoding="utf-8" standalone="yes"?> <assembly xml...
Read more

Ansible - ERROR! the field 'hosts' is required but was not set -

-
i've error when launch playbook don't found why.... error! field 'hosts' required not set there main.yml : --- - hosts: hosts - vars: - elasticsearch_java_home: /usr/lib/jmv/jre-1.7.0 - elasticsearch_http_port: 8443 - tasks: - include: tasks/main.yml - handlers: - include: handlers/main.yml and /etc/ansible/hosts : [hosts] 10.23.108.182 10.23.108.183 10.23.108.184 10.23.108.185 when test ping, : [root@poste08-08-00 elasticsearch]# ansible hosts -m ping 10.23.108.183 | success => { "changed": false, "ping": "pong" } 10.23.108.182 | success => { "changed": false, "ping": "pong" } 10.23.108.185 | success => { "changed": false, "ping": "pong" } 10.23.108.184 | success => { "changed": false, "ping": "pong" } please, me :) regards, you have syntax error in playbook. ...
Read more