Custom error handling for oversized CGI request entities

As discussed by Ovid at Preventing DOS attacks with CGI.pm, one of the key elements of all code employing CGI is the definition of $CGI::POST_MAX, thereby limiting the maximum accepted size of the submitted request entity. If this value, defined in bytes, is exceeded by the HTTP request, the result is the generation of a request entity too large error upon initiation of the CGI object that is returned to the HTTP client.

In a reply to my post here, Hero Zzyzzx asked how a more custom error handling response for over-sized requests could be incorporated into code - The result, with some liberties taken from the CGI module, is the code below:

#!/usr/bin/perl -Tw

use CGI;
use strict;

BEGIN {
    my $POST_MAX = 512 * 1024;

    my $content_length = defined $ENV{'CONTENT_LENGTH'} ? $ENV{'CONTEN
+T_LENGTH'} : 0;
    if ( ($POST_MAX > 0) && ($content_length > $POST_MAX) ) {
        #   custom request entity too large error handling
    }
}
[download]

Comment on Custom error handling for oversized CGI request entities Select or Download Code

Back to Cool Uses for Perl