关于[Prevent Zip bombs in .NET]的摘要:
This post is part of the series 'Vulnerabilities'. Be sure to check out the rest of the blog posts of the series! If your website allows the user to upload a zip file that will be extracted on the server, you should be very careful. Often websites are protected again uploading big files. By default, Kestrel and IIS limit the size of a request to 30MB. Apache and nginx also have limits...
原文地址: https://www.meziantou.net/prevent-zip-bombs-in-dotnet.htm