withoutSizeLimit
Description
Skips request entity size verification.
The whole mechanism of entity size checking is intended to prevent certain Denial-of-Service attacks. So suggested setup is to have pekko.http.parsing.max-content-length
relatively low and use withoutSizeLimit
directive just for endpoints for which size verification should not be performed.
Caution
Usage of withoutSizeLimit
is not recommended as it turns off the too large payload protection. Therefore, we highly encourage using withSizeLimit
instead, providing it with a value high enough to successfully handle the route in need of big entities.
See also withSizeLimit for setting request entity size limit.
Example
- Scala
-
source
val route = withoutSizeLimit { entity(as[String]) { _ => complete(HttpResponse()) } } // tests: def entityOfSize(size: Int) = HttpEntity(ContentTypes.`text/plain(UTF-8)`, List.fill(size)('0').mkString) // will work even if you have configured pekko.http.parsing.max-content-length = 500 Post("/abc", entityOfSize(501)) ~> route ~> check { status shouldEqual StatusCodes.OK }
- Java
-
source
import static org.apache.pekko.http.javadsl.server.Directives.complete; import static org.apache.pekko.http.javadsl.server.Directives.entity; import static org.apache.pekko.http.javadsl.server.Directives.withSizeLimit; final Route route = withSizeLimit(500, () -> entity(Unmarshaller.entityToString(), (entity) -> complete("ok"))); Function<Integer, HttpRequest> withEntityOfSize = (sizeLimit) -> { char[] charArray = new char[sizeLimit]; Arrays.fill(charArray, '0'); return HttpRequest.POST("/").withEntity(new String(charArray)); }; // tests: testRoute(route).run(withEntityOfSize.apply(500)).assertStatusCode(StatusCodes.OK); testRoute(route) .run(withEntityOfSize.apply(501)) .assertStatusCode(StatusCodes.CONTENT_TOO_LARGE);
1.1.0