Download continues after maxContentLength exceeded
#### Summary
The following code demonstrates the issue:
```js
require('axios').get(
  'https://upload.wikimedia.org/wikipedia/commons/f/fe/A_Different_Slant_on_Carina.jpg',
  { maxContentLength: 2000 }
)
  .then(d => console.log('done'))
  .catch(e => console.log(e.toString()))
```
Expected behavior:
- The script exits immediately after printing “Error: maxContentLength size of 2000 exceeded”
- Not much more than 2KB was downloaded from the server
Actual behavior:
- The script prints “Error: maxContentLength size of 2000 exceeded”, then continues to download the remaining 52MB of data from the server. It takes about two minutes before it exits on my connection.
It’s possible to work around this by adding a cancellation token and manually canceling the request when an error is encountered. However, since the request never actually fires a “complete” event, it’s surprising that the download continues, only to have the data be thrown into the void.
#### Context
- axios version: v0.16.2
- Environment: node v8.4.0, macOS Sierra 10.12.6
Issue Analytics
- State:
- Created 6 years ago
- Reactions:15
- Comments:7
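
The behaviour the issue expects, as an added example that is not part of the original issue and is not axios code: it uses Node's built-in `http` module in place of axios and destroys the request as soon as the byte cap is crossed, so the server stops sending. `fetchCapped`, `runDemo`, `TOTAL` and the loopback server are constructed for the illustration.

```javascript
// Added example (not from the issue): cap a download with Node's http module
// and close the socket the moment the cap is crossed.
// fetchCapped, runDemo, TOTAL and the loopback server are constructed names.
const TOTAL = 64 * 1024 * 1024; // bytes the constructed server tries to send

function fetchCapped(http, url, maxBytes) {
  return new Promise((resolve, reject) => {
    const req = http.get(url, (res) => {
      const chunks = [];
      let received = 0;
      res.on('data', (chunk) => {
        received += chunk.length;
        if (received > maxBytes) {
          // Rejecting alone is not enough: destroy the request so the socket
          // closes and the server stops sending the rest of the body.
          req.destroy();
          reject(new Error(`maxContentLength size of ${maxBytes} exceeded`));
          return;
        }
        chunks.push(chunk);
      });
      res.on('end', () => resolve(Buffer.concat(chunks)));
    });
    req.on('error', reject); // a late error after the rejection above is a no-op
  });
}

// Streams TOTAL bytes from a loopback server and reports how many bytes the
// server actually wrote before the capped client hung up.
async function runDemo(maxBytes) {
  const http = await import('http'); // dynamic import works in CJS and ESM
  const block = Buffer.alloc(64 * 1024, 0x41);
  let sent = 0;
  const server = http.createServer((req, res) => {
    const pump = () => {
      while (sent < TOTAL && !res.destroyed) {
        sent += block.length;
        if (!res.write(block)) return res.once('drain', pump); // honour backpressure
      }
      if (!res.destroyed) res.end();
    };
    pump();
  });
  await new Promise((ok) => server.listen(0, '127.0.0.1', ok));
  const url = `http://127.0.0.1:${server.address().port}/`;
  const error = await fetchCapped(http, url, maxBytes).then(() => null, (e) => e);
  await new Promise((ok) => server.close(ok));
  return { error, sent };
}
```

`runDemo(2000)` resolves to the rejection error and the number of bytes the server wrote before the socket closed; with the `req.destroy()` call removed, `sent` reaches `TOTAL`.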
Fix is released as part of 0.19.0; per @emilyemorehouse’s comment there should be a more targeted 0.18.1 release made available as well shortly.
Let’s all thank the maintainers and contributors for their generous work ❤️
What’s the likelihood of this PR getting approved / merged?
Sourceclear is raising this as a vulnerability, with this PR being the fix: https://www.sourceclear.com/vulnerability-database/security/denial-of-service-dos-/javascript/sid-6130