You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Apr 30, 2021. It is now read-only.
In P:W:Message the max_message_size is set to 2048 bytes. When one have a large HTTP header sent during the handshake (lets say, a lot of cookies, or cookies with large values, or anything similar), the message is silently rejected, and it is really uneasy to:
detect something happened
change the default value
We use P:W via Net::Async::WekSocket::* to manage a WebSocket server, and there is no easy way to carry a different "max_message_size" through the whole system to the P:W:Handshake (despite the fact a large HTTP header is legitimate).
The max_message_size is not even a security : the large message has already been read when the size is tested.
The text was updated successfully, but these errors were encountered:
In P:W:Message : $self->{max_message_size} ||= 2048;
In the Net::Async::WebSocket internal, I can change the call to P:W:Handshake::Server to :
my $hs = Protocol::WebSocket::Handshake::Server->new(
req => Protocol::WebSocket::Request->new(max_message_size => 8192)
);
It changes from the default 2048, but 'undef' will not disable the feature...
Maybe having the default value, in an 'our' global in P:W:Message, or in P:W:Handshake::Server (to be used for the Request if provided) would be a good idea : it can be changed globally, with no need to patch Net::Async stuff...
In P:W:Message the max_message_size is set to 2048 bytes. When one have a large HTTP header sent during the handshake (lets say, a lot of cookies, or cookies with large values, or anything similar), the message is silently rejected, and it is really uneasy to:
We use P:W via Net::Async::WekSocket::* to manage a WebSocket server, and there is no easy way to carry a different "max_message_size" through the whole system to the P:W:Handshake (despite the fact a large HTTP header is legitimate).
The max_message_size is not even a security : the large message has already been read when the size is tested.
The text was updated successfully, but these errors were encountered: