struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralf Hauser (JIRA)" <>
Subject [jira] Commented: (STR-1705) [upload] Document how to use web.xml "maxFileSize" and how to deal with "MaxLengthExceededException"
Date Wed, 14 Mar 2007 13:01:08 GMT


Ralf Hauser commented on STR-1705:

see also STR-1955 and now with full URL

> [upload] Document how to use web.xml "maxFileSize" and how to deal with "MaxLengthExceededException"
> ----------------------------------------------------------------------------------------------------
>                 Key: STR-1705
>                 URL:
>             Project: Struts 1
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: 1.0 Final
>         Environment: Operating System: other
> Platform: Other
>            Reporter: Ralf Hauser
>         Assigned To: Struts Developers
>            Priority: Minor
> As per the above-referenced mailing list discussion thread, I run into two problems:
> 1) the browser appears to upload the entire file that is bigger than the
> maxFileSize and only after completing the upload, MaxLengthExceededException is
> thrown. (If that is really true, this is not particularly defensive against
> denial of service attacks)
> 2) I get the MaxLengthExceededException as a stack-trace, but it doesn't appear
> that I can catch this exception in any of my "struts.jar-user" .java files.
> ------
> 3) Also, is there a way not to specify this on the global web.xml level, but on
> a case by case basis? Depending on the user classes I attribute a user-session
> to, I would like to vary this value: highly trusted users shall be able to
> upload more than anonymous users.
> Since after quite some searching, I didn't find an answer to this, I suggest to
> enhance the documentation correspondingly.
> or more recent post to the same topic:

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message