Re: file upload = simple DoS possibility
Adrian Holovaty wrote: > I'd recommend handling this at the Apache level. See the > LimitRequestBody directive: > > http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestbody Thanks a lot! --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
Re: file upload = simple DoS possibility
On 8/29/06, Michael Samoylov <[EMAIL PROTECTED]> wrote: > Is the any way to control upload process (max file size, etc.)? Great > framework but file upload can couse DoS. > [...] > User can try to upload any size file and waste all server's cpu and > memory and you can imagine situation with hundreds of uploads! I've > patched django with > 3581-streaming_uploads_and_uploadprogress_middleware_x_progress_id.diff > but I see no performance improvements :( Hi Michael, I'd recommend handling this at the Apache level. See the LimitRequestBody directive: http://httpd.apache.org/docs/2.2/mod/core.html#limitrequestbody Adrian -- Adrian Holovaty holovaty.com | djangoproject.com --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---
file upload = simple DoS possibility
Hi all. Is the any way to control upload process (max file size, etc.)? Great framework but file upload can couse DoS. For example: class Account(models.Model): user = models.OneToOneField(User) birthday = models.DateField(blank=True, null=True) icq = models.IntegerField(blank=True, null=True) website = models.URLField(blank=True, null=True) resume = models.TextField(blank=True, null=True) userpic = PhotoField(upload_to='upload', width=100, height=100, null=True, blank=True) User can try to upload any size file and waste all server's cpu and memory and you can imagine situation with hundreds of uploads! I've patched django with 3581-streaming_uploads_and_uploadprogress_middleware_x_progress_id.diff but I see no performance improvements :( --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users -~--~~~~--~~--~--~---