Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[#1112] Allow to limit the size of whole request or the size of one uploaded file in a request #1110

Merged
merged 1 commit into from
Feb 22, 2017
Merged

[#1112] Allow to limit the size of whole request or the size of one uploaded file in a request #1110

merged 1 commit into from
Feb 22, 2017

Conversation

cbxp
Copy link
Contributor

@cbxp cbxp commented Feb 20, 2017

…file in a request.

The configuration parameters are: 'upload.sizeMax' and 'upload.fileSizeMax'.
The defaults stay the same -1 which means 'unlimited'.

@asolntsev asolntsev self-assigned this Feb 21, 2017
@asolntsev
Copy link
Contributor

@xael-fry This is definitely good PR. I suggest to merge it ASAP.

xael-fry
xael-fry requested changes Feb 22, 2017
View reviewed changes
Copy link
Member

@xael-fry xael-fry left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you update the documentation with the new parameters?

@xael-fry xael-fry changed the title Allow to limit the size of whole request or the size of one uploaded … [#1112] Allow to limit the size of whole request or the size of one uploaded file in a request Feb 22, 2017
@xael-fry xael-fry added this to the 1.5.0 milestone Feb 22, 2017
@cbxp cbxp force-pushed the uploadSizeFix branch 2 times, most recently from 224e374 to 195c9cd Compare February 22, 2017 07:43
@cbxp
Copy link
Contributor Author

cbxp commented Feb 22, 2017

@xael-fry We have updated the documentation.
By the way, I suggest to put some reasonable default values. Say,

upload.maxFileSize=10240   (10 mb)
upload.maxRequestSize=30720  (30 mb)

Without that, it's possible that hacker can upload 100TB file to server.

xael-fry
xael-fry requested changes Feb 22, 2017
View reviewed changes
framework/src/play/data/parsing/ApacheMultipartParser.java Outdated
@@ -612,12 +612,12 @@ public void setHeaders(FileItemHeaders pHeaders) {
* The maximum size permitted for the complete request, as opposed to
* {@link #fileSizeMax}. A value of -1 indicates no maximum.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fileSizeMax no longer exist as you rename it

playframework#1112 Allow to limit the size of whole request or the si…
65a7ba9 
…ze of one uploaded file in a request.

 The configuration parameters are: 'upload.sizeMax' and 'upload.fileSizeMax'.
 The defaults stay the same -1 which means 'unlimited'.
@asolntsev
Copy link
Contributor

asolntsev commented Feb 22, 2017
edited
Loading

@xael-fry Fixed parameter name in javadoc, thank you. What about setting default values to something reasonable?

@asolntsev asolntsev merged commit 02f7bac into playframework:master Feb 22, 2017
@asolntsev asolntsev deleted the uploadSizeFix branch February 22, 2017 21:08
@asolntsev asolntsev mentioned this pull request Feb 22, 2017
Closed
@xael-fry
Copy link
Member

@asolntsev I don't think we should define default value here, some user handle request size limit with a a front apache server, so setting new value may cause conflict when upgrading

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xael-fry xael-fry xael-fry requested changes

Assignees

@asolntsev asolntsev

Labels
documentation feature
Projects
None yet
Milestone
1.5.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@cbxp @asolntsev @xael-fry