0

I'm been building a NodeJS application with a team. A team member limited the server request size to 8Kb - if it's bigger than that, the request will be rejected on the server. The idea is that we don't want to process requests that are too big to avoid a potential DoS.

This brings up the issue that what if we wanted to make generally big requests (batch a couple of small requests together, since according to this, it's better than sending a bunch of small requests). And example would be for a TODO list, if I edit 100 TODOs at the same time (I send the UUIDs of each of the todo items back to the server along with the updates); this request could exceed 8Kb in size. I couldn't find if there are standards for max HTTP request sizes.

What would be the solution for wanting to send back larger HTTP requests from the client to the server? Should I:

  1. Increase the HTTP request size on the server? What's the standard? I could 100x it and that would solve much of the problem
  2. Limit the request size on the client. For example, limit it so the user could only edit 100 TODOs at max! Anymore, and the request won't send.
  3. A combination of 1 and 2?

Thank you!

Thomas
  • 555
  • 7
  • 29
  • 1
    Please check https://stackoverflow.com/questions/2880722/can-http-post-be-limitless/55998160#55998160 – shaochuancs May 09 '19 at 09:12
  • That definitely helps! Though a followup is why would our NodeJS application only have an 8Kb limit while that post says `The maximum POST request body size is configured on the HTTP server and typically ranges from 1MB to 2GB` Does it sound like there was any reason to the original 8Kb size? – Thomas Jun 11 '19 at 18:48
  • Looks like 8kb is configured somewhere in the Node.js application – shaochuancs Jun 11 '19 at 22:29

0 Answers0