picoclaw

lzh/picoclaw

Fork 0

mirror of https://github.com/sipeed/picoclaw.git synced 2026-06-12 18:08:54 +00:00

Commit Graph

Author	SHA1	Message	Date
don	19835b2f60	fix(line): limit webhook request body size to prevent DoS (#1413 ) * fix(line): limit webhook request body size to prevent DoS Add io.LimitReader with 1 MB cap on the LINE webhook handler to prevent unauthenticated memory exhaustion via oversized POST requests. Follows the same pattern used in the WeCom channel (io.LimitReader). Requests exceeding the limit are rejected with 413 Request Entity Too Large. Fixes #1407 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> * refactor(line): hoist body size const, add boundary tests - Move maxWebhookBodySize to package-level const - Add TestWebhookAcceptsMaxBodySize (exact limit → 403, not 413) - Add TestWebhookRejectsOversizedBodyBeforeSignatureCheck - Use const in test instead of magic number Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-12 23:55:40 +08:00

Author

SHA1

Message

Date

don

19835b2f60

fix(line): limit webhook request body size to prevent DoS (#1413 )

* fix(line): limit webhook request body size to prevent DoS

Add io.LimitReader with 1 MB cap on the LINE webhook handler to prevent
unauthenticated memory exhaustion via oversized POST requests.

Follows the same pattern used in the WeCom channel (io.LimitReader).
Requests exceeding the limit are rejected with 413 Request Entity Too Large.

Fixes #1407

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

* refactor(line): hoist body size const, add boundary tests

- Move maxWebhookBodySize to package-level const
- Add TestWebhookAcceptsMaxBodySize (exact limit → 403, not 413)
- Add TestWebhookRejectsOversizedBodyBeforeSignatureCheck
- Use const in test instead of magic number

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-12 23:55:40 +08:00

1 Commits