nginx: src/http/ngx_http_core_module.h comparison

comparison src/http/ngx_http_core_module.h @ 4162:fb1375e8b68c stable-1.0

Merging r4036, r4055, r4056, r4057, r4058, r4059, r4060, r4061, r4062, r4063, r4064: Ranges related fixes: The "max_ranges" directive. "max_ranges 0" disables ranges support at all, "max_ranges 1" allows the single range, etc. By default number of ranges is unlimited, to be precise, 2^31-1. If client requests more ranges than "max_ranges" permits, nginx disables ranges and returns just the source response. If total size of all ranges is greater than source response size, then nginx disables ranges and returns just the source response. This fix should not affect well-behaving applications but will defeat DoS attempts exploiting malicious byte ranges. Now unsatisfiable ranges are processed according to RFC 2616.

author	Igor Sysoev <igor@sysoev.ru>
date	Fri, 30 Sep 2011 14:06:08 +0000
parents	d9b486dbf7e5
children	1a94a56a4e5d

comparison

equal deleted inserted replaced

-:010a0907bc95
+:fb1375e8b68c
 ngx_uint_t    keepalive_requests;      /* keepalive_requests */
 ngx_uint_t    keepalive_disable;       /* keepalive_disable */
 ngx_uint_t    satisfy;                 /* satisfy */
 ngx_uint_t    lingering_close;         /* lingering_close */
 ngx_uint_t    if_modified_since;       /* if_modified_since */
+ngx_uint_t    max_ranges;              /* max_ranges */
 ngx_uint_t    client_body_in_file_only; /* client_body_in_file_only */
 ngx_flag_t    client_body_in_single_buffer;
 /* client_body_in_singe_buffer */
 ngx_flag_t    internal;                /* internal */

Mercurial > hg > nginx

comparison src/http/ngx_http_core_module.h @ 4162:fb1375e8b68c stable-1.0