[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bug in mod_ratelimit?


On Thu, Jul 19, 2018 at 10:16 PM, Cory McIntire <cory@xxxxxxxxxx> wrote:
> Upon some initial testing of the patch we have found some conditions to which this will still break, consider the following:
> Put something like this into your php file,
>         for ($i = 1; $i <= 2000; $i++) {
>             header("x$i: $i");
>         }

Yes I was thinking about this, currently mod_ratelimit is not able to
ratelimit headers when chunked encoding is to be used for the body.

This is because the http (header) filter assumes nothing retains the
headers in between itself and the chunked filter (which itself assumes
everything it receives is the body).

I'm looking at the best way to address this, possibly mod_ratelimit's
filter should be moved after the "CHUNK" filter (i.e.
AP_FTYPE_TRANSCODE)? The requirement seems to be after deflate but
before network filter...