maxDecodedContentLength

The maximum size (in bytes) of the decoded request body.

If decompression produces more than this number of bytes, a PayloadTooLargeException is thrown and the decoded channel is cancelled. This protects against "decompression bomb" attacks where a small compressed body decompresses to a huge payload.

Set to a non-positive value to disable the size cap. Defaults to DEFAULT_MAX_DECODED_CONTENT_LENGTH (disabled).

Report a problem