Skip to content

Instantly share code, notes, and snippets.

@ziadoz
Created February 2, 2024 15:17
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save ziadoz/8611f857d5f21dc8eeb583cd76f83e71 to your computer and use it in GitHub Desktop.
Laravel 10.x - max_input_var INI Middleware
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\HttpException;
class PreventMaxInputVarTruncation
{
protected ?int $inputVars;
public function handle(Request $request, Closure $next): Response
{
if (
$this->isWriting($request) &&
$this->inputVars($request) <= $this->maxInputVars()
) {
return $next($request);
}
throw new HttpException(413, sprintf(
'Request containing %d input vars exceeds maximum %d',
$this->inputVars($request),
$this->maxInputVars(),
));
}
protected function isWriting(Request $request): bool
{
return in_array($request->method(), ['POST', 'PUT', 'PATCH', 'DELETE']);
}
protected function inputVars(Request $request): int
{
return $this->inputVars ??= $request->collect()->flatten()->count();
}
protected function maxInputVars(): int
{
return ini_get('max_input_vars') ?: 1_000;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment