MaxBufferSize 属性? [英] MaxBufferSize property?

问题描述

我一直认为，WCF BasicHttpBinding 选项 MaxBufferSize 旨在保护我免受 DoS 攻击，但是，文档 很奇怪:

I always thought, that the WCF BasicHttpBinding option MaxBufferSize is intended to protect me from DoS attacks, however, the following note in the documentation is weird:

如果消息超过为缓冲区设置的最大值，则不会丢弃它.相反，从 CLR 堆请求更多的内存，这比使用缓冲区会导致更多的垃圾收集开销.

If a message exceeds the maximum value set for the buffer, it is not dropped. Instead, more memory is requested from the CLR heap and this incurs more garbage collection overhead than using the buffers.

所以看起来属性 MaxBufferSize 更像是一个默认值，而不是一个 MaxBufferSize.我错过了什么吗?

So it looks like the property MaxBufferSize is more of a default value and not a MaxBufferSize. Do I miss something?

推荐答案

找到答案，感谢 BugFinder 提供正确方向的提示.

Found the answer, thank you BugFinder for the hint into the right direction.

MaxBufferSize 确实只在流 场景中很重要.在缓冲 WCF 场景中，它必须设置为与MaxReceivedMessageSize 相同的值(否则会引发配置异常).MaxReceivedMessageSize 使我们免于 DoS 攻击(硬限制).

MaxBufferSize is indeed important only in streaming scenarios. In buffered WCF scenarios, it must be set to the same value as the MaxReceivedMessageSize (otherwise a configuration exception is thrown). MaxReceivedMessageSize is the one saving us from DoS attacks (hard limit).

这篇关于MaxBufferSize 属性?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！