So allowing file uploads can cause severe problems then. If a malicious
user wanted to crash the server (denial of service?) all they would need
to do is open up a series of windows and start upload large files to the cf
server.
This would effectively render the server unresponsive.
Would a cflock with a timeout value around the cffile tag abort the upload
if it was taking longer than the timeout value seconds?
Wrap this in a try/catch statement and tell the user the file they were
attempting to upload was to too big.
Would that work?
-bd
> > Thats not good. So,10 simultaneous 50 meg uploads would render the server
> > useless for the amount of time it took to finish those uploads?! I hope
> > not, seeing as there is no way to check the size of a file before its
> > uploaded. Is there?
>
>I would not recommend using coldfusion for file uploads. OTOH I
>don't think the 10x50M scenario is very real either. :)
>
>You can do a size check with CGI.CONTENT_LENGTH, but it won't help reduce
>crashes etc because CF will read its input before it starts processing
>the template.
>
>(Hm, i thought this thread was about cfcontent, not cffile; oh never mind ;)
>
>--
>Michiel Boland <[EMAIL PROTECTED]>
>Digital Valley Internet Professionals
>Plantsoen 17, Wageningen, The Netherlands
>Phone: +31 317 465555, Fax: +31 317 460276
>
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
------------------------------------------------------------------------------
To unsubscribe, send a message to [EMAIL PROTECTED] with
'unsubscribe' in the body or visit the list page at www.houseoffusion.com
