weixin_33720186 2018-07-16 16:54

Limiting the size of an AJAX response

I'm building a decentralized application (I don't control the servers, only the client), and want to add some sanity checks and preventative measures to stop bad people from doing malicious things. This involves (among many, many other things), preventing DoS attempts on the client by the use of arbitrary payload data being sent from the servers.

The question is this: How can the client limit the maximum size of data received from a server over JQuery AJAX? If I'm expecting to fetch a few bytes of JSON, and am instead greeted by a 30MB video file when I make the AJAX request, how can I stop the request and throw an error after I've received the first 16 KB?

While I recognize that the nature of my undertaking is unique, any feedback is welcome.


1 answer

  • weixin_33743661 2018-07-16 18:19

    As @Barmar pointed out in the comments, this was a simple case of checking the "onprogress" event of the download and terminating it when it exceeded my desired max size.

    Here is the code for any interested parties:

    var xhr = $.ajax({
        url: "your-url",
        success: () => {
            // ...
        },
        xhrFields: {
            onprogress: function(progress) {
                if (progress.loaded > config.MAX_HASH_DESCRIPTOR_SIZE) {
                    // stop any unreasonably long malicious payload downloads.
                    xhr.abort();
                }
            }
        }
    });
    
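The same size cap applied with `fetch` and a stream reader, as an added example that is not part of the original answer; it goes beyond the jQuery snippet by also rejecting on a declared Content-Length before reading any body bytes. `readCapped`, `fetchCapped` and `fakeReader` are hypothetical names, and `fakeReader` is a constructed stand-in for a server body so the cap logic runs offline.

```javascript
// Added example; readCapped, fetchCapped and fakeReader are hypothetical names.

// Drain a stream reader, refusing to buffer more than maxBytes.
// `reader` is anything with read()/cancel(), e.g. response.body.getReader().
async function readCapped(reader, maxBytes) {
  const chunks = [];
  let received = 0;
  for (;;) {
    const { done, value } = await reader.read();
    if (done) break;
    received += value.byteLength;
    if (received > maxBytes) {
      // Cancel the stream so the rest of the body is not read or buffered.
      await reader.cancel("response too large");
      throw new RangeError(`body exceeded ${maxBytes} bytes`);
    }
    chunks.push(value);
  }
  const out = new Uint8Array(received);
  let offset = 0;
  for (const c of chunks) { out.set(c, offset); offset += c.byteLength; }
  return out;
}

// Browser-side wrapper: reject early when the declared Content-Length is over
// the cap, then still count delivered bytes (the header can be absent or false).
async function fetchCapped(url, maxBytes) {
  const res = await fetch(url);
  const declared = Number(res.headers.get("content-length")); // null -> 0
  if (declared > maxBytes) {
    await res.body.cancel();
    throw new RangeError(`declared length ${declared} exceeds ${maxBytes}`);
  }
  return readCapped(res.body.getReader(), maxBytes);
}

// Constructed stand-in for a server body: yields `count` chunks of `size` bytes.
function fakeReader(count, size) {
  const state = { sent: 0, cancelled: false };
  return {
    state,
    async read() {
      if (state.cancelled || state.sent === count) return { done: true, value: undefined };
      state.sent += 1;
      return { done: false, value: new Uint8Array(size) };
    },
    async cancel() { state.cancelled = true; },
  };
}
```

The bytes counted here are the ones the stream hands to the page, so a small compressed response that expands past the cap is rejected as well.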
