withoutSizeLimit

withoutSizeLimit

Description

Skips request entity size verification.

The whole mechanism of entity size checking is intended to prevent certain Denial-of-Service attacks. So suggested setup is to have akka.http.parsing.max-content-length relatively low and use withoutSizeLimit directive just for endpoints for which size verification should not be performed.

See also withSizeLimit for setting request entity size limit.

Example

final Route route = withSizeLimit(500, () ->
  entity(Unmarshaller.entityToString(), (entity) ->
    complete("ok")
  )
);

Function<Integer, HttpRequest> withEntityOfSize = (sizeLimit) -> {
  char[] charArray = new char[sizeLimit];
  Arrays.fill(charArray, '0');
  return HttpRequest.POST("/").withEntity(new String(charArray));
};

// tests:
testRoute(route).run(withEntityOfSize.apply(500))
  .assertStatusCode(StatusCodes.OK);

testRoute(route).run(withEntityOfSize.apply(501))
  .assertStatusCode(StatusCodes.BAD_REQUEST);

Contents

© 2015 Lightbend Inc. Akka is Open Source and available under the Apache 2 License.

Last updated: 10月 30, 2017