[Feature][3.3] Triple http limiting the size of the HTTP request and response

[oxsean]

Pre-check

• [X] I am sure that all the content I provide is in English.

Search before asking

• [X] I had searched in the issues and found no similar feature requirement.

Apache Dubbo Component

Java SDK (apache/dubbo)

Descriptions

If the client provides a body input that is too large or the response output is too large, it could make server OOM. Therefore, it is necessary to limit their sizes to prevent DOS attacks.

Related issues

No response

Are you willing to submit a pull request to fix on your own?

• [X] Yes I am willing to submit a pull request on my own!

Code of Conduct

• [X] I agree to follow this project's Code of Conduct

[finefuture]

I'm working on it, please assign it to me.

[Chenjp]

@finefuture

Pls consider adding support for following scope level "max-body-size":

1. Application;
2. Protocol;
3. Service;

Priority : Service>Protocol>Application.

Example:

1. Nginx:

Syntax: client_max_body_size size;
Context: http, server, location

2. Another Example: Kong request-size-limiting

[finefuture]

@finefuture

Pls consider adding support for following scope level "max-body-size":

1. Application;
2. Protocol;
3. Service;

Priority : Service>Protocol>Application.

Example:

1. Nginx:

Syntax: client_max_body_size size;
Context: http, server, location

2. Another Example: Kong request-size-limiting

Good idea, but cross-protocol may involve relatively large changes. Maybe we can implement it in triple protocol first.