Limit HTTP response body size [New in Security Center 1.3 and updated in 1.5]

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Configure the glide.http.response.get_body.limit.enabled and glide.http.response.get_body.limit properties to protect your instance against OutOfMemoryExceptions.

    Prevent OutOfMemoryExceptions that can result from a request response body being too large using the glide.http.response.get_body.limit.enabled and glide.http.response.get_body.limit system properties. These exceptions can cause denial of service (DOS) attacks as well as other issues that may aid attackers in compromising an instance. Not setting these properties to the recommended values could make your instance vulnerable to OutOfMemoryExceptions and denial of service attacks.

    To protect your instance against these security vulnerabilities:
    • Set the glide.http.response.get_body.limit.enabled system property to true.
    • Ensure that the glide.http.response.get_body.limit system property set to no more than 524,288,000 megabytes (500 MB).

    More information

    Attribute Description
    Configuration name
    • glide.http.response.get_body.limit.enabled
    • glide.http.response.get_body.limit
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value true
    Category File and resources
    Security risk
    • Severity score: 3.1
    • Security risk details: Not setting these properties to the recommended values could make your instance vulnerable to OutOfMemoryExceptions and denial of service attacks.
    Dependencies and prerequisites None
    Functional impact This property reduces the chances of an OutOfMemoryException due to a customer accidentally loading a large file into memory.