README
¶
limitbytes - A middleware to enforce limits on the http request body size.
This is a thin wrapper around http.MaxBytesReader. This fails the request early
before reading data if content-length is known, otherwise returns a custom
error type ErrTooLarge by parsing the error from http.MaxBytesReader. This
also sets the response code to 413 (http.StatusRequestEntityTooLarge).
An optional callback can be provided to handle failure case (but this only works if the content-length is available).
Usage
// Create a router that uses std lib http.Handler types for middleware.
var router = chi.NewMux()
router.Use(limitbytes.New(16 * 1024), callback) // limit request body to 16kB
When content-length is unknown, the request body has to be read to know if the
limit is breached. For example, this could happen while decoding json from the
body. In such cases, the wrapped http handler can test for ErrTooLarge error
to handle them.
var wrapped = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
defer r.Body.Close()
_, e := json.NewDecoder(r.Body).Decode(obj)
switch e.(type) {
case nil:
w.WriteHeader(http.StatusOK)
case limitbytes.ErrTooLarge:
w.WriteHeader(http.StatusRequestEntityTooLarge)
default:
w.WriteHeader(http.StatusBadRequest)
}
})
Contributors
Pull requests, issues and comments welcome. For pull requests:
- Add tests for new features and bug fixes
- Follow the existing style
- Separate unrelated changes into multiple pull requests
See the existing issues for things to start contributing.
For bigger changes, make sure you start a discussion first by creating an issue and explaining the intended change.
Atlassian requires contributors to sign a Contributor License Agreement, known as a CLA. This serves as a record stating that the contributor is entitled to contribute the code/documentation/translation to the project and is willing to have it used in distributions and derivative works (or is willing to transfer ownership).
Prior to accepting your contributions we ask that you please follow the appropriate link below to digitally sign the CLA. The Corporate CLA is for those who are contributing as a member of an organization and the individual CLA is for those contributing as an individual.
License
Copyright (c) 2017 Atlassian and others. Apache 2.0 licensed, see LICENSE.txt file.
Documentation
¶
Overview ¶
Package limitbytes implements a middleware to enforce limits on the http request body size.
This is a thin wrapper around `http.MaxBytesReader`. This fails the request early before reading data if content-length is known, otherwise returns a custom error type `ErrTooLarge` by parsing the error from `http.MaxBytesReader`. This also sets the response code to 413 (`http.StatusRequestEntityTooLarge`).
An optional callback can be provided to handle failure case (but this only works if the content-length is available).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func New ¶
func New(n int64, callback func(http.ResponseWriter, *http.Request, error)) func(next http.Handler) http.Handler
New is a middleware that limits the request body size to n bytes by wrapping the request body using http.MaxBytesReader. If content-length is available, this fails early without calling the next handler. An optional callback can be passed in which is called if content-length is available and request size is greater than n.
Types ¶
type ErrTooLarge ¶
type ErrTooLarge struct {
Err error // underlying error
}
ErrTooLarge error is used to indicate that the request size is too large
func (ErrTooLarge) Error ¶
func (r ErrTooLarge) Error() string
Source Files