Hi Team,

We are looking into possibility of restricting the POST request size having 
content-type application/json in Tomcat.
We want to ensure that attacker should not hit Rest API request directly with 
large request data.  Expecting  Tomcat application server level configuration 
should decline the request.
We tried adding maxPostSize but it doesn't seem to work for content type 
application/json

Tomcat version is 9.0.104

Kindly let me know if any tomcat attribute can be used or other ways to achieve 
this in Tomcat.

Thanks in advance,

Regards,
Viswa

Reply via email to