c# - Validate content-length before model binding ASP.NET Web Api -

-

i wondering how can validate content-length before request body read model binder in asp.net web api.

i can in action it's waste of resources because stream has been read?

var contentlength = request.content.headers.contentlength; if (contentlength > 1024*1024*20) {      throw new httpresponseexception(httpstatuscode.requestentitytoolarge); }

is ok in action filter?

if using owin hosting api, , want globally apply restriction requests, make check in simple owin middleware executed before web api in owin pipeline:

app.use(async (c, n) => {     var request = c.request;      if (request != null)     {         string[] headervalues;         if (request.headers.trygetvalue("content-length", out headervalues))         {             var lengthvalue = headervalues.first();             if (convert.toint64(lengthvalue) > 1024 * 1024 * 20)             {                 c.response.statuscode = (int)httpstatuscode.requestentitytoolarge;                 return;             }         }     }      await n.invoke(); });  //app.usewebapi(..)

[edit]

if need restrict content-length in more fine graded fashion, best option create authorizationfilter executed before model binding in web api pipeline, opposed generic actionfilter.

something should work:

public class maxcontentlengthattribute : authorizationfilterattribute {     private readonly long _maxcontenttype;      public maxcontentlengthattribute(long maxcontenttype)     {         _maxcontenttype = maxcontenttype;     }      public override void onauthorization(httpactioncontext actioncontext)     {         var contentlength = actioncontext.request.content.headers.contentlength;         if (contentlength.hasvalue && contentlength.value > _maxcontenttype)         {             actioncontext.response = actioncontext.request.createresponse(httpstatuscode.requestentitytoolarge);         }     } }

and in controller:

[maxcontentlength(1024*1024*20)] public void post([frombody]foo value) {     dowork(value); }

this way can respond request before content read model-binder.


Comments

Post a Comment

Popular posts from this blog

Ansible - ERROR! the field 'hosts' is required but was not set -

-
i've error when launch playbook don't found why.... error! field 'hosts' required not set there main.yml : --- - hosts: hosts - vars: - elasticsearch_java_home: /usr/lib/jmv/jre-1.7.0 - elasticsearch_http_port: 8443 - tasks: - include: tasks/main.yml - handlers: - include: handlers/main.yml and /etc/ansible/hosts : [hosts] 10.23.108.182 10.23.108.183 10.23.108.184 10.23.108.185 when test ping, : [root@poste08-08-00 elasticsearch]# ansible hosts -m ping 10.23.108.183 | success => { "changed": false, "ping": "pong" } 10.23.108.182 | success => { "changed": false, "ping": "pong" } 10.23.108.185 | success => { "changed": false, "ping": "pong" } 10.23.108.184 | success => { "changed": false, "ping": "pong" } please, me :) regards, you have syntax error in playbook.
Read more

customize file_field button ruby on rails -

-
i'm trying rid of ugly button rails has default file upload. want add glyphicon <%= f.file_field :image_url, class:"glyphicon glyphicon-camera" %> this didn't work , have tried other things in different post saw on page, don't attach file. as suggested here bootstrap filestyle , can use bootstrap's filestyle style file upload buttons. step-1: add layout application.html.erb i have added bootstrap filestyle library cdn. should make sure have both jquery , boostrap loaded. <script type="text/javascript" src="https://cdn.jsdelivr.net/bootstrap.filestyle/1.1.0/js/bootstrap-filestyle.min.js"> </script> step-2: add corresponding js file: $(":file").filestyle({input: false}); step-3: image_url file field follows: <%= f.file_field :image_url,class: "filestyle", "data-input" => false %>
Read more

SoapUI on windows 10 - high DPI/4K scaling issue -

-
Image
soapui doesn't seem dpi-aware , displays small on high dpi screen (tiny text , buttons). other applications running fine (screen resolution 3840 x 2160). version : soapui 5.1.2 os : windows 10 i have tried: configure soapui run "disable display scaling on high dpi settings" - parts of soapui looking bigger , don't display (image) changing resolution changing font size (preferences > editor settings > select font...) therefore assume, soapui pretends dpi-aware, not scale itself. have same issue? this workaround until developers round making version dpi-aware. step 1: add registry key hkey_local_machine\software\microsoft\windows\currentversion\sidebyside\preferexternalmanifest (dword) 1 step 2: add manifest file 'soapui-5.2.1.exe.manifest' in same directory 'soapui-5.2.1.exe' content of manifest file: <?xml version="1.0" encoding="utf-8" standalone="yes"?> <assembly xml
Read more