-
Notifications
You must be signed in to change notification settings - Fork 332
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upload size validation for each file #423
Conversation
@@ -50,6 +50,11 @@ public long getSizeLimit() { | |||
} | |||
|
|||
@Override | |||
public long getFileSizeLimit() { | |||
return 2 * 1024 * 1024; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
may we can grow this value to Long.MAX_VALUE and allow app to define lower values.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's kind of a security problem. If we leave this unlimited, someone can start 10 uploads with 2Gb and break the server.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ok then
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree with Lucas! It's better to leave as it is!
On Wed, Mar 5, 2014 at 11:38 AM, Lucas Cavalcanti
notifications@gitpro.ttaallkk.topwrote:
In
vraptor-core/src/main/java/br/com/caelum/vraptor/observer/upload/DefaultMultipartConfig.java:@@ -50,6 +50,11 @@ public long getSizeLimit() {
}@Override
- public long getFileSizeLimit() {
return 2 \* 1024 \* 1024;
It's kind of a security problem. If we leave this unlimited, someone can
start 10 uploads with 2Gb and break the server.Reply to this email directly or view it on GitHubhttps://github.com//pull/423/files#r10301148
.
Rafael Ponte
http://cursos.triadworks.com.br
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can I merge the original pull request?
@@ -27,13 +27,20 @@ | |||
public interface MultipartConfig { | |||
|
|||
/** | |||
* The max size of uploaded files (in bytes). | |||
* The max size of uploaded files (in bytes). Default value is 2MB. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this should be on the interface. Only the implementation sets 2MB.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure about the best place, since the text says "the default value if". Done by 55286a5.
🐑 |
Upload size validation for each file
No description provided.