Prevent users from being able to upload super large files via Sockets, which could inadvertently deny access to the server (#4398)

2021-07-25 20:28:14 -04:00 · 2021-07-25 20:28:14 -04:00 · bbe43d4246
commit bbe43d4246
parent 0280fea3e6
1 changed files with 6 additions and 1 deletions
--- a/servatrice/src/serversocketinterface.cpp
+++ b/servatrice/src/serversocketinterface.cpp
@ -1696,11 +1696,16 @@ void WebsocketServerSocketInterface::initConnection(void *_socket)
    }
    socket = (QWebSocket *)_socket;
    socket->setParent(this);
+#if (QT_VERSION >= QT_VERSION_CHECK(5, 15, 0))
+    // https://bugreports.qt.io/browse/QTBUG-70693
+    socket->setMaxAllowedIncomingMessageSize(1500000); // 1.5MB
+#endif
+
    address = socket->peerAddress();

    QByteArray websocketIPHeader = settingsCache->value("server/web_socket_ip_header", "").toByteArray();
    if (websocketIPHeader.length() > 0) {
-#if QT_VERSION >= 0x050600
+#if (QT_VERSION >= QT_VERSION_CHECK(5, 6, 0))
        if (socket->request().hasRawHeader(websocketIPHeader)) {
            QString header(socket->request().rawHeader(websocketIPHeader));
            QHostAddress parsed(header);