Hi,
The final goal is to have a server-side validation and return a page
template explaining what the problem is rather than just closing the
connection. Having client-side validation ( JavaScript/Flash like
gmail ) helps in terms of UI but I presume wouldn't be safe enough
agains DoS.
IMHO, I agree with Dossy, to use the driver thread to check the hard
limits and instead of dropping the connection, just mark the HTTP
request and let the request handler to return the 413. I also think
the template could be configured in the 'ns_section
ns/server/${server}/redirects' , isn't it ?
If you all agree with this, Brian and I can help to get a patch.
Thanks for the great feedback!,
Enrique.
On Thu, Jun 23, 2011 at 4:28 PM, Fenton, Brian <brian.fen...@quest.ie> wrote:
> I'm using OpenACS hence the TCL. I just want to let the user know that their
> file is over the size limit. Could we, in driver.c instead of closing the
> connection socket, return a custom template (like Apache does) ?
>
> Brian
>
> ________________________________________
> From: AOLserver Discussion [AOLSERVER@LISTSERV.AOL.COM] On Behalf Of Jim
> Davidson [jgdavid...@mac.com]
> Sent: 23 June 2011 15:59
> To: AOLSERVER@LISTSERV.AOL.COM
> Subject: Re: [AOLSERVER] Problem with file uploads larger than maxinput
>
> I think the short answer is there is no way.
>
> Checking the code and your error message, this is error condition E_CRANGE.
> It's returned from SockReadLine which is called repeatedly to read the
> request line ("GET /url/ ...") and headers. As it reads lines, it parses
> them for some special conditions. If it sees a "content-length" header, it's
> parsed and verified the content to be sent isn't out of range. If it is, it
> returns E_CRANGE and the connection is aborted. So, there's no Tcl
> environment available to fiddle with.
>
> There is some Tcl framework in there for "que wait" callbacks but it's not
> exposed for error conditions. Good idea.
>
> Question: What are you trying to do with Tcl? Maybe you could hack the
> driver.c code to do something smart at CRANGE alone? I think it's the most
> common limit-related error.
>
> -Jim
>
>
> On Jun 23, 2011, at 8:22 AM, Fenton, Brian wrote:
>
>> Thanks Jim
>>
>> yes that now logs the fact that the file was too big (multiple times in
>> fact), but how can I access this fact in TCL?
>>
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[38]: max
>> content exceeded
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[39]: max
>> content exceeded
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[40]: max
>> content exceeded
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[41]: max
>> content exceeded
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[42]: max
>> content exceeded
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[43]: max
>> content exceeded
>> [23/Jun/2011:15:05:50][27869.163851][-nssock:driver-] Error: conn[44]: max
>> content exceeded
>>
>> Brian
>>
>> ________________________________________
>> From: AOLserver Discussion [AOLSERVER@LISTSERV.AOL.COM] On Behalf Of Jim
>> Davidson [jgdavid...@mac.com]
>> Sent: 23 June 2011 14:44
>> To: AOLSERVER@LISTSERV.AOL.COM
>> Subject: Re: [AOLSERVER] Problem with file uploads larger than maxinput
>>
>> Howdy,
>>
>> Appears you need to set driver "debug" mode for the driver for the given
>> socket module thing:
>>
>> ns_section "ns/server/server1/module/nssock"
>> ns_param debug 1
>>
>> Hopefully that's not too much muck in the server log.
>>
>> -Jim
>>
>>
>> On Jun 23, 2011, at 7:16 AM, Fenton, Brian wrote:
>>
>>> Thanks Jim
>>>
>>> I should have mentioned that there was nothing in the error log either.
>>>
>>> So, how would you recommend I capture the fact that the uploaded file is
>>> larger than our limit, and feedback to the user?
>>>
>>>
>>> thanks
>>> Brian
>>>
>>>
>>> ________________________________________
>>> From: AOLserver Discussion [AOLSERVER@LISTSERV.AOL.COM] On Behalf Of Jim
>>> Davidson [jgdavid...@mac.com]
>>> Sent: 23 June 2011 13:47
>>> To: AOLSERVER@LISTSERV.AOL.COM
>>> Subject: Re: [AOLSERVER] Problem with file uploads larger than maxinput
>>>
>>> Hi,
>>>
>>> The short answer is no, there's no access log entry although there may be a
>>> server log message buried in the chatter.
>>>
>>> The reason is the access log is a "trace" that fires at the end of an HTTP
>>> connection and the request isn't a connection until all the content has
>>> been read and the data structures hooked up and passed over to a connection
>>> thread. In retrospect, transaction logging should be a lower-level
>>> built-in that can deal with logging these aborted transactions.
>>>
>>> You can see what may be logged in the server log by looking at the
>>> LogReadError function at the end of nsd/driver.c, maybe a E_RRANGE, "max
>>> request exceeded".
>>>
>>>
>>> -Jim
>>>
>>>
>>>
>>>
>>> On Jun 23, 2011, at 6:04 AM, Fenton, Brian wrote:
>>>
>>>> Hi
>>>>
>>>> When I upload a file larger than the maxinput I get the Firefox browser
>>>> page with a "the connection to the server was reset while the page was
>>>> loading" message. Looking in the access logs it seems to suggest that it
>>>> doesn't even hit the website as there is no log entry. A file smaller than
>>>> the maxinput uploads with no problems and everything is correctly logged.
>>>> Increasing maxinput allows the file to upload and also is everything is
>>>> correctly logged (so it's not a browser or network issue).
>>>>
>>>> I don't fully understand this - if there is no entry in the access log,
>>>> does this mean that I'm not even connnecting to AOLserver? As the success
>>>> of the upload is dependent on maxinput I imagine there is some sort of
>>>> connection to the server. Assuming there is a connection how can I log it
>>>> or intercept it?
>>>>
>>>> Can anyone advise me on what to try? Ideally, I'd like to be able to
>>>> capture the fact that the uploaded file is larger than our limit, and
>>>> feedback to the user. Even more ideally, I'd like to be able to tell them
>>>> BEFORE they upload. :-)
>>>>
>>>> I've got the following settings in my config.tcl (this is AOLserver 4.5.1
>>>> but also happens on 4.0.10 and on Windows version)
>>>>
>>>> set max_file_upload_mb 10
>>>> set max_file_upload_min 5
>>>> ns_section ns/server/${server}/module/nssock
>>>> ns_param maxinput [expr {$max_file_upload_mb * 1024 * 1024}]
>>>> ;# Maximum File Size for uploads in bytes
>>>> ns_param maxpost [expr {$max_file_upload_mb * 1024 * 1024}]
>>>> ;# Maximum File Size for uploads in bytes
>>>> ns_param recvwait [expr {$max_file_upload_min * 60}] ;#
>>>> Maximum request time in minutes
>>>>
>>>>
>>>> --
>>>> AOLserver - http://www.aolserver.com/
>>>>
>>>> To Remove yourself from this list, simply send an email to
>>>> <lists...@listserv.aol.com> with the
>>>> body of "SIGNOFF AOLSERVER" in the email message. You can leave the
>>>> Subject: field of your email blank.
>>>
>>>
>>> --
>>> AOLserver - http://www.aolserver.com/
>>>
>>> To Remove yourself from this list, simply send an email to
>>> <lists...@listserv.aol.com> with the
>>> body of "SIGNOFF AOLSERVER" in the email message. You can leave the
>>> Subject: field of your email blank.
>>>
>>>
>>> --
>>> AOLserver - http://www.aolserver.com/
>>>
>>> To Remove yourself from this list, simply send an email to
>>> <lists...@listserv.aol.com> with the
>>> body of "SIGNOFF AOLSERVER" in the email message. You can leave the
>>> Subject: field of your email blank.
>>
>>
>> --
>> AOLserver - http://www.aolserver.com/
>>
>> To Remove yourself from this list, simply send an email to
>> <lists...@listserv.aol.com> with the
>> body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
>> field of your email blank.
>>
>>
>> --
>> AOLserver - http://www.aolserver.com/
>>
>> To Remove yourself from this list, simply send an email to
>> <lists...@listserv.aol.com> with the
>> body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
>> field of your email blank.
>
>
> --
> AOLserver - http://www.aolserver.com/
>
> To Remove yourself from this list, simply send an email to
> <lists...@listserv.aol.com> with the
> body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
> field of your email blank.
>
>
> --
> AOLserver - http://www.aolserver.com/
>
> To Remove yourself from this list, simply send an email to
> <lists...@listserv.aol.com> with the
> body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
> field of your email blank.
>
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<lists...@listserv.aol.com> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
