MCPcopy Index your code
hub / github.com/labstack/echo / TestDecompress_LargePayloadDosPrevention

Function TestDecompress_LargePayloadDosPrevention

middleware/decompress_test.go:457–485  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

455}
456
457func TestDecompress_LargePayloadDosPrevention(t *testing.T) {
458 e := echo.New()
459 // Simulate a DoS attack with highly compressed large payload
460 largeSize := 10 * 1024 * 1024 // 10MB decompressed
461 largeBody := bytes.Repeat([]byte("Z"), largeSize)
462 var buf bytes.Buffer
463 gzWriter := gzip.NewWriter(&buf)
464 gzWriter.Write(largeBody)
465 gzWriter.Close()
466
467 req := httptest.NewRequest(http.MethodPost, "/", &buf)
468 req.Header.Set(echo.HeaderContentEncoding, GZIPEncoding)
469 rec := httptest.NewRecorder()
470 c := e.NewContext(req, rec)
471
472 h, err := DecompressConfig{MaxDecompressedSize: 1 * MB}.ToMiddleware()
473 assert.NoError(t, err)
474
475 err = h(func(c *echo.Context) error {
476 _, readErr := io.ReadAll(c.Request().Body)
477 return readErr
478 })(c)
479
480 // Should prevent DoS by returning 413
481 assert.Error(t, err)
482 he, ok := err.(echo.HTTPStatusCoder)
483 assert.True(t, ok)
484 assert.Equal(t, http.StatusRequestEntityTooLarge, he.StatusCode())
485}
486
487func BenchmarkDecompress_WithLimit(b *testing.B) {
488 e := echo.New()

Callers

nothing calls this directly

Calls 8

RequestMethod · 0.95
SetMethod · 0.80
NewContextMethod · 0.80
ToMiddlewareMethod · 0.65
StatusCodeMethod · 0.65
WriteMethod · 0.45
CloseMethod · 0.45
ErrorMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…