From 84d7671e91bb2dee2081172dbf651860134ae75e Mon Sep 17 00:00:00 2001
From: rambocoder
Date: Wed, 6 Mar 2013 08:50:45 -0500
Subject: Check the length before reading the body in body/1 and body_qs/1
---
test/http_handler_body_qs.erl | 39 +++++++++++++++++++++++++++++++++++++++
1 file changed, 39 insertions(+)
create mode 100644 test/http_handler_body_qs.erl
(limited to 'test/http_handler_body_qs.erl')
diff --git a/test/http_handler_body_qs.erl b/test/http_handler_body_qs.erl
new file mode 100644
index 0000000..306f4dc
--- /dev/null
+++ b/test/http_handler_body_qs.erl
@@ -0,0 +1,39 @@
+%% Feel free to use, reuse and abuse the code in this file.
+
+-module(http_handler_body_qs).
+-behaviour(cowboy_http_handler).
+-export([init/3, handle/2, terminate/3]).
+
+init({_, http}, Req, _) ->
+ {ok, Req, undefined}.
+
+handle(Req, State) ->
+ {Method, Req2} = cowboy_req:method(Req),
+ HasBody = cowboy_req:has_body(Req2),
+ {ok, Req3} = maybe_echo(Method, HasBody, Req2),
+ {ok, Req3, State}.
+
+maybe_echo(<<"POST">>, true, Req) ->
+ case cowboy_req:body_qs(Req) of
+ {error,badlength} ->
+ echo(badlength, Req);
+ {ok, PostVals, Req2} ->
+ echo(proplists:get_value(<<"echo">>, PostVals), Req2)
+ end;
+
+maybe_echo(<<"POST">>, false, Req) ->
+ cowboy_req:reply(400, [], <<"Missing body.">>, Req);
+maybe_echo(_, _, Req) ->
+ %% Method not allowed.
+ cowboy_req:reply(405, Req).
+
+echo(badlength, Req) ->
+ cowboy_req:reply(413, [], <<"POST body bigger than 16000 bytes">>, Req);
+echo(undefined, Req) ->
+ cowboy_req:reply(400, [], <<"Missing echo parameter.">>, Req);
+echo(Echo, Req) ->
+ cowboy_req:reply(200,
+ [{<<"content-encoding">>, <<"utf-8">>}], Echo, Req).
+
+terminate(_, _, _) ->
+ ok.
-- cgit v1.2.3
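Review bot: In the final `echo/2` clause the 200 response sets `content-encoding: utf-8`, which is not a content coding (that header names codings such as gzip); the charset belongs on `content-type`, and as written the request's `echo` value is reflected with no declared media type, so the receiving client has to guess how to interpret it. Because the file header invites reuse, I would send `[{<<"content-type">>, <<"text/plain; charset=utf-8">>}], Echo, Req).` instead. Separately, the 413 text hard-codes 16000 bytes while the limit itself is enforced outside this file (presumably in `cowboy_req`), so a comment such as `%% Keep in sync with the body length limit checked by cowboy_req:body_qs/1.` above `echo(badlength, Req)` would keep the message from going stale. The `case` in `maybe_echo/3` matches only `{error,badlength}`, so any other error return from `body_qs/1` would presumably crash the handler with a `case_clause`; a one-line comment saying that is intended would help the next reader.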