Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Craft CMS security scans: upload of over-the-limit file hangs the system; should it throw exception/error? #5278
We are putting our new Craft CMS 3.2 install (dev environment) through some security scan paces, including uploads of 500Mb files. We'd expect to throw an exception message/error page on an over-the-limit file, but it is not doing that currently (it simply hangs).
When we run these scans against other CMS applications, when the upload is attempted, an error is thrown by the web server and the underlying CMS applications continue to function as they should as do the actual scans. This is not the case when it comes to Craft.
To pass the security scan, we'd like Craft to throw an error, not just 'hang.'
Our PHP Info:
Steps to reproduce