Please open a ticket. Something like this could go in. On Monday, 18 February 2013 11:26:00 UTC-6, Andriy wrote: > > I`m writing a forum with possibility of attachments and looking for a way > to refuse over-sized uploads. Validator IS_LENGTH() checks for upload file > size, but only after the whole file transfered to server. This may be a > security issue, since several attackers can start to upload Gb files to > server simultaneously and overload it. > > I searched but did not found how web2py can refuse an upload before it > started. But I found that if I add this line to *copystream_progress*function > in > *gluon\main.py:* > if size>1000000: raise HTTP(403, "file size > 1mb, refused") - this works > and does not allow over-sized file to go through. > > Is this a possible way to deal with this problem? Or did I break something > if I add such line to *copystream_progress*? May be there is a way > already implemented in web2py? >
-- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
