修改标头服务器:ArangoDB
[英]Modify Header server: ArangoDB
问题描述
Something that seems easy, but I don't find the way to do that. 
看似简单的东西,但我找不到那样做的方法。 Does it possible to change the header sent in a response 是否可以更改响应中发送的标头
server: ArangoDB
by something else (in order to be less verbose and more secure) ? 通过其他东西(为了减少冗长和更安全)?
Also, I need to store a large string (very long url + lot of informations) in a document, but what is the max length of a joi.string ? 另外,我需要在文档中存储一个大字符串(很长的url +很多信息),但是joi.string的最大长度是多少?
Thx, 谢谢,
2 个解决方案
解决方案1
2 2015-11-10 09:33:33
The internal string limit in V8 (the JavaScript engine used by ArangoDB) is around 256 MB in the V8 version used by ArangoDB. 在ArangoDB使用的V8版本中,V8(ArangoDB使用的JavaScript引擎)中的内部字符串限制大约为256 MB。 Thus 256 MB will be the absolute maximum string length that can be used from JavaScript code that's executed in ArangoDB. 因此,256 MB将是可以在ArangoDB中执行的JavaScript代码中使用的绝对最大字符串长度。
Regarding maximum URL lengths as mentioned above: URLs should get too long because very long URLs may not be too portable across browsers. 关于如上所述的最大URL长度:URL应该太长,因为很长的URL可能在浏览器中不太可移植。 I think in practice several browser will enforce some URL max length limits of around 64 K, so URLs should definitely not get longer than this value. 我认为在实践中,几个浏览器会强制执行一些大约64 K的URL最大长度限制,因此URL绝对不会超过此值。 I would recommend using much shorter URLs though and passing hugh payloads in the HTTP request body instead. 我建议使用更短的URL,并在HTTP请求体中传递hugh有效负载。 This also means you may need to change from HTTP GET to HTTP POST or HTTP PUT, but its at least portable. 这也意味着您可能需要从HTTP GET更改为HTTP POST或HTTP PUT,但它至少是可移植的。
Finally regarding the HTTP response header "Server: ArangoDB" that is sent by ArangoDB in every HTTP response: starting with ArangoDB 2.8, there is an option to turn this off: --server.hide-product-header true . 最后关于ArangoDB在每个HTTP响应中发送的HTTP响应头"Server: ArangoDB" :从ArangoDB 2.8开始,有一个选项可以关闭它: - --server.hide-product-header true 。 This option is not available in the stable 2.7 branch yet. 此选项在stable 2.7分支中尚不可用。
解决方案2
1 2015-11-09 08:44:45
No, there currently is no configuration to disable the server: header in ArangoDB. 不,目前没有配置来禁用ArangoDB中的server:头。 I would recommend prepending an NGiNX or similar HTTP-Proxy to achieve that (and other possible hardening for your service). 我建议预先安装NGiNX或类似的HTTP-Proxy来实现这一目标(以及其他可能的服务强化)。 The implementation of server header can be found in lib/Rest/HttpResponse.cpp . 服务器头的实现可以在lib/Rest/HttpResponse.cpp 。
Regarding Joi - 关于Joi -
I only found howto specify a string length in joi - not what its maximum could be. 我只发现如何在joi中指定字符串长度 - 而不是它的最大值。 I guess the general javascript limit for strings should be taken into account. 我想应该考虑字符串的一般javascript限制 。
However, it rather seems that you shouldn't exceed the limit of 2000 chars for URLs which thereby should be the limit. 但是,您似乎不应超过URL的2000个字符的限制 ,因此应该是限制。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.