如何使用Spring Webflux限制请求有效负载大小?
使用Spring Webflux,我需要限制传入HTTP请求的有效负载大小(例如5MB).这是可立即配置的东西吗?如果没有,我们可以使用哪些API来实现此行为(例如,如果有效载荷太大,则返回413).
Using Spring Webflux, I need to limit the payload size of incoming HTTP requests (e.g. to say 5MB). Is this something configurable out-of-the-box? If not, which APIs can we use to implement this behavior (e.g. return a 413 if the payload is too big).
我想您要这样做是为了防止恶意或行为不端的客户端进行的拒绝服务攻击.
I guess you want to do this to prevent Denial Of Service attacks by malicious or misbehaving clients.
通常的建议是不直接将HTTP应用程序服务器连接到Internet,而是通过HTTP反向代理服务器(例如,适当配置的Apache HTTPD或nginx)连接.这些代理服务器提供了阻止大型请求的方法.它们提供了其他功能来阻止或缓解不良客户.
The usual recommendation is to not directly connect HTTP application servers to the Internet, but instead via an HTTP reverse proxy server (such as a suitably configured Apache HTTPD or nginx). These proxy servers provide means for blocking large requests. They provide other facilities for blocking or mitigating bad clients.
因此,您应该考虑在应用程序中不实施此功能是否更容易,而是依靠代理为您完成操作.
You should therefore consider whether it would be easier not to implement this functionality in you application, and instead rely on the proxy doing it for you.