From 9368a1c3bb90fbadd8a5252c1fc07e4b454855cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?= Date: Wed, 11 Mar 2020 11:11:01 +0100 Subject: [PATCH] initialise sendfile ssl with a simple GET request --- grandlyon_cartads_cs/models.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/grandlyon_cartads_cs/models.py b/grandlyon_cartads_cs/models.py index 46e963e..eee6ad8 100644 --- a/grandlyon_cartads_cs/models.py +++ b/grandlyon_cartads_cs/models.py @@ -85,6 +85,14 @@ class GLCartaDSCS(AbstractCartaDSCS): return token def upload_zip(self, zip_filename): + # But you should really design your site to ensure that the first + # request to a client-cert-protected area is not a POST request with a + # large body; make it a GET or something. Any request body has to be + # buffered into RAM to handle this case, so represents an opportunity + # to DoS the server. + # -- https://bz.apache.org/bugzilla/show_bug.cgi?id=39243 + # and that's why there's a seemingly unnecessary GET request first. + self.requests.get(self.sendfile_ws_url) b64_zip = base64.b64encode(open(zip_filename, 'rb').read()) chunk_size = 16777216 # 16MB for n in range(0, len(b64_zip), chunk_size):