From 71a6c878ace0f2b3932962f8c0d36185ba99fbca Mon Sep 17 00:00:00 2001
From: fyodor <fyodor@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Tue, 5 Feb 2013 00:03:07 +0000
Subject: [PATCH] Add a task suggested by David

---
 todo/nmap.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/todo/nmap.txt b/todo/nmap.txt
index b937d8884..3c5a26535 100644
--- a/todo/nmap.txt
+++ b/todo/nmap.txt
@@ -40,6 +40,11 @@ o We should figure out why (at least with Nping) raw ethernet frame
   happens with Fyodor's machine connected with WiFi.  Fyodor should
   test on the same machine using wired and see if that changes anything.
 
+o Our http library should allow the client to specify a max size in
+  advance and should probably enforce some sort of maximum by default
+  (unless turned off by the script).  That way sites can't DoS Nmap by
+  feeding enormous files.
+
 o NSE digest auth should use the more robust parsing from
   http.parse_www_authenticate as described at
   http://seclists.org/nmap-dev/2012/q3/868