DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=36687>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=36687 ------- Additional Comments From [EMAIL PROTECTED] 2006-03-15 18:16 ------- >From comment #7: The changes to which Martin alludes are that immediately upon hitting the maximum file size limit, commons-fileupload gives up any request processing, leaving the whole thing in an unpredictable state. Joe, thanks for explaining it with greater detail. Because this is an encoding problem, the Validator cannot handle this :-( You also made me believe that the fail-fast action should *not* be changed. That logic is important to prevent a theoretical infinite upload, which can create a DoS attack. I think we keep this hole closed. It's a shame the other request parameters are within the same encoding because I'd like to keep them around, but the uploaded file has primacy here: if it is too large or the encoding is bad, then nothing can be assumed good. Since the form is invalid, validation is essentially kaput too. I think throwing an exception is a very good way of handling this problem. Shall we have a FileTooLargeException? -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
