3. Security and Validation

limit

Limits the maximum length of a HTTP message body.

Explanation:

Note that due to the streaming nature of Membrane, a request header may already have been passed on to the backend, when the condition "body.length > X" becomes true. In this case, further processing is aborted and the connection to the backend is simply closed.

To apply only to either requests or responses, wrap it in a corresponding tag: <request><limit ... /></request>.


Can be used in:

serviceProxy, api, global, chainDef, for, stompProxy, if, registration, wsStompReassembler, internal, interceptor, chain, bean, transport and soapProxy

Syntax

<limit maxBodyLength="integer"/>

Sample

<serviceProxy port="8080">
  <limit maxBodyLength="52428800" />
  <target host="www.predic8.com" />
</serviceProxy>

In this setup, all requests are forwarded to www.predic8.com. Requests larger than 50MB will be discarded.

Attributes

NameRequiredDefaultDescriptionExamples
maxBodyLength false - The maximal length of a message body.
10485760