reject large requests

master
Kevin Froman 2019-07-02 21:50:22 -05:00
parent 98fcd9d139
commit 873740c5ad
2 changed files with 4 additions and 1 deletions

View File

@ -39,6 +39,7 @@ class PublicAPI:
def __init__(self, clientAPI): def __init__(self, clientAPI):
assert isinstance(clientAPI, API) assert isinstance(clientAPI, API)
app = flask.Flask('PublicAPI') app = flask.Flask('PublicAPI')
app.config['MAX_CONTENT_LENGTH'] = 5 * 1024 * 1024
self.i2pEnabled = config.get('i2p.host', False) self.i2pEnabled = config.get('i2p.host', False)
self.hideBlocks = [] # Blocks to be denied sharing self.hideBlocks = [] # Blocks to be denied sharing
self.host = apiutils.setbindip.set_bind_IP(clientAPI._core.publicApiHostFile, clientAPI._core) self.host = apiutils.setbindip.set_bind_IP(clientAPI._core.publicApiHostFile, clientAPI._core)

View File

@ -26,6 +26,7 @@ class PublicEndpoints:
public_endpoints_bp = Blueprint('publicendpoints', __name__) public_endpoints_bp = Blueprint('publicendpoints', __name__)
self.public_endpoints_bp = public_endpoints_bp self.public_endpoints_bp = public_endpoints_bp
@public_endpoints_bp.route('/') @public_endpoints_bp.route('/')
def banner(): def banner():
# Display a bit of information to people who visit a node address in their browser # Display a bit of information to people who visit a node address in their browser
@ -38,11 +39,12 @@ class PublicEndpoints:
@public_endpoints_bp.route('/getblocklist') @public_endpoints_bp.route('/getblocklist')
def get_block_list(): def get_block_list():
'''Get a list of blocks, optionally filtered by epoch time stamp, excluding those hidden'''
return getblocks.get_public_block_list(client_API, public_api, request) return getblocks.get_public_block_list(client_API, public_api, request)
@public_endpoints_bp.route('/getdata/<name>') @public_endpoints_bp.route('/getdata/<name>')
def get_block_data(name): def get_block_data(name):
# Share data for a block if we have it # Share data for a block if we have it and it isn't hidden
return getblocks.get_block_data(client_API, public_api, name) return getblocks.get_block_data(client_API, public_api, name)
@public_endpoints_bp.route('/www/<path:path>') @public_endpoints_bp.route('/www/<path:path>')