Uwe Schuster
950012d946
Body-bearing methods (POST/PUT/PATCH) now reject: - missing Content-Length → 411 - malformed Content-Length → 400 - non-identity Transfer-Encoding (chunked, etc.) → 411 - declared length > maxBytes → 413 (unchanged) GET/HEAD/DELETE/OPTIONS/TRACE pass through unchanged. Consumers needing the legacy fail-open behaviour pass `requireContentLength = false`. Bump to 0.3.3 (behaviour tightening — consumers on default ctor see new 411/400 responses on requests that previously sailed through). Closes #4 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
25 lines
881 B
C++
25 lines
881 B
C++
// Smoke test for BodySizeLimitInterceptor — confirms the header compiles
|
|
// in a consumer translation unit and the constructor surface matches the
|
|
// documented API. Behavioural tests against real IncomingRequest objects
|
|
// would need a full oatpp request fixture; pinning the API surface here is
|
|
// enough to catch the kinds of breakage this header is at risk of.
|
|
|
|
#include "oatpp-authkit/interceptor/BodySizeLimitInterceptor.hpp"
|
|
|
|
#include <cstdio>
|
|
#include <memory>
|
|
|
|
int main() {
|
|
using oatpp_authkit::BodySizeLimitInterceptor;
|
|
|
|
// Default: fail-closed.
|
|
auto strict = std::make_shared<BodySizeLimitInterceptor>(1024);
|
|
(void)strict;
|
|
|
|
// Opt-out: legacy fail-open behaviour.
|
|
auto lax = std::make_shared<BodySizeLimitInterceptor>(1024, /*requireContentLength=*/false);
|
|
(void)lax;
|
|
|
|
std::printf("BodySizeLimitInterceptor API ok\n");
|
|
return 0;
|
|
}
|