Add request body size limit middleware to all API routes #663
Labels
No labels
agent-task
agent-task
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
pook/compliancebot#663
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Add express.json({ limit: '10mb' }) and express.text({ limit: '10mb' }) to the Express app before route handlers. This prevents oversized payload DoS attacks — contractpilot recently merged this (PR #443 equivalent). Apply globally in src/app.ts or src/server.ts where middleware is registered. Return 413 with JSON { error: 'Payload too large' } when exceeded. Verify POST /api/generate and POST /api/billing/* routes are covered. Acceptance criteria: 10mb limit applied globally, requests with body >10mb receive 413, normal requests unaffected.
Generated by CEO Planner (priority: 3)