Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

UploadField max file size validation has no effect for large files #925

Closed
2 tasks done
kinglozzer opened this issue Mar 21, 2019 · 1 comment
Closed
2 tasks done

UploadField max file size validation has no effect for large files #925

kinglozzer opened this issue Mar 21, 2019 · 1 comment
Labels
affects/v4 impact/medium type/bug
Milestone
Sprint 45

Comments

@kinglozzer
Copy link
Member

kinglozzer commented Mar 21, 2019
edited by dnsl48
Loading

Tested with 1.3.3

/** @var Upload_Validator $validator */
$validator = $uploadField->getValidator();
$validator->setAllowedMaxFileSize('1m');

I’d expect this to prevent the upload, but it actually allows the file to be uploaded before validation is run server-side. That, while a little frustrating for CMS users who have slow connections, does work for smaller files, however...

If post_max_size is set to 10mb, the field is set to 1mb, and the user attempts to upload a 40mb file, they receive a useless error message: a 400 error code and There has been an error (or other webserver error message). Error logs show:

PHP Warning: POST Content-Length of 40500753 bytes exceeds the limit of 10485760 bytes in Unknown on line 0, referer:

Attempting to upload files via AssetAdmin does produce error messages prior to uploading, so client-side validation is obviously possible somehow.

Expected results

  • If the set UploadField max file size is exceeded, there is client-side validation alerting the user
  • The file is prevented from being uploaded/does not reach the server

PRs
@kinglozzer kinglozzer mentioned this issue Mar 21, 2019
Open
@brynwhyman brynwhyman mentioned this issue Sep 2, 2019
Open
This was referenced Sep 2, 2019
Closed
Merged
@ScopeyNZ ScopeyNZ mentioned this issue Sep 3, 2019
Open
@dnsl48 dnsl48 self-assigned this Sep 30, 2019
@Cheddam Cheddam added this to the Sprint 44 milestone Sep 30, 2019
@brynwhyman brynwhyman modified the milestones: Sprint 44, Sprint 45 Oct 1, 2019
This was referenced Oct 2, 2019
Merged
Merged
@dnsl48 dnsl48 removed their assignment Oct 2, 2019
@dnsl48
Copy link
Contributor

dnsl48 commented Oct 2, 2019

Done. Tested in IE11 and Chromium

@dnsl48 dnsl48 closed this as completed Oct 2, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
affects/v4 impact/medium type/bug
Projects
None yet
Milestone
Sprint 45
Development

No branches or pull requests
5 participants
@Cheddam @clarkepaul @kinglozzer @dnsl48 @brynwhyman