Skip to content

Commit

Permalink
default max_form_memory_size to 500kB (#2965)
Browse files Browse the repository at this point in the history
  • Loading branch information
davidism authored Oct 27, 2024
2 parents 2ed6d7e + d27debc commit 0839766
Show file tree
Hide file tree
Showing 3 changed files with 18 additions and 5 deletions.
3 changes: 3 additions & 0 deletions CHANGES.rst
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,9 @@ Version 3.1.0

Unreleased

- ``Request.max_form_memory_size`` defaults to 500kB instead of unlimited.
Non-file form fields over this size will cause a ``RequestEntityTooLarge``
error. :issue:`2964`
- Support Cookie CHIPS (Partitioned Cookies). :issue:`2797`
- ``CacheControl.no_transform`` is a boolean when present. ``min_fresh`` is
``None`` when not present. Added the ``must_understand`` attribute. Fixed
Expand Down
15 changes: 11 additions & 4 deletions docs/request_data.rst
Original file line number Diff line number Diff line change
Expand Up @@ -79,16 +79,23 @@ request in such a way that the server uses too many resources to handle it. Each
these limits will raise a :exc:`~werkzeug.exceptions.RequestEntityTooLarge` if they are
exceeded.

- :attr:`~Request.max_content_length` Stop reading request data after this number
- :attr:`~Request.max_content_length` - Stop reading request data after this number
of bytes. It's better to configure this in the WSGI server or HTTP server, rather
than the WSGI application.
- :attr:`~Request.max_form_memory_size` Stop reading request data if any form part is
larger than this number of bytes. While file parts can be moved to disk, regular
form field data is stored in memory only.
- :attr:`~Request.max_form_memory_size` - Stop reading request data if any
non-file form field is larger than this number of bytes. While file parts
can be moved to disk, regular form field data is stored in memory only and
could fill up memory. The default is 500kB.
- :attr:`~Request.max_form_parts` Stop reading request data if more than this number
of parts are sent in multipart form data. This is useful to stop a very large number
of very small parts, especially file parts. The default is 1000.

Each of these values can be set on the ``Request`` class to affect the default
for all requests, or on a ``request`` instance to change the behavior for a
specific request. For example, a small limit can be set by default, and a large
limit can be set on an endpoint that accepts video uploads. These values should
be tuned to the specific needs of your application and endpoints.

Using Werkzeug to set these limits is only one layer of protection. WSGI servers
and HTTPS servers should set their own limits on size and timeouts. The operating system
or container manager should set limits on memory and processing time for server
Expand Down
5 changes: 4 additions & 1 deletion src/werkzeug/wrappers/request.py
Original file line number Diff line number Diff line change
Expand Up @@ -84,8 +84,11 @@ class Request(_SansIORequest):
#: data in memory for post data is longer than the specified value a
#: :exc:`~werkzeug.exceptions.RequestEntityTooLarge` exception is raised.
#:
#: .. versionchanged:: 3.1
#: Defaults to 500kB instead of unlimited.
#:
#: .. versionadded:: 0.5
max_form_memory_size: int | None = None
max_form_memory_size: int | None = 500_000

#: The maximum number of multipart parts to parse, passed to
#: :attr:`form_data_parser_class`. Parsing form data with more than this
Expand Down

0 comments on commit 0839766

Please sign in to comment.