6 Jan
2012
6 Jan
'12
2:07 a.m.
Hello guys, As you may know, "Denial of Service through hash table multi-collisions" was disclosed: http://permalink.gmane.org/gmane.comp.security.full-disclosure/83694 The hashable package is affected but not affected to Yesod suite. However, I guess we should provide size limitation of HTTP body on POST to Warp. # Of course, we should provide rate limiting, too. --Kazu