[
https://issues.apache.org/jira/browse/CXF-3879?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sam Meder updated CXF-3879:
---------------------------
Attachment: attachment-size-limit.patch
Updated patch which factors out some repeated code.
> Add the ability to enforce a maximum attachment size
> ----------------------------------------------------
>
> Key: CXF-3879
> URL: https://issues.apache.org/jira/browse/CXF-3879
> Project: CXF
> Issue Type: Improvement
> Components: JAX-RS
> Affects Versions: 2.2.12, 2.3.7, 2.4.3
> Reporter: Sam Meder
> Attachments: attachment-size-limit.patch
>
>
> Safe handling of multipart-* HTTP request requires the ability to cap the
> size of the uploaded attachments before they get cached. CXF does currently
> not provide an option for this (other frameworks such as the commons
> fileupload and the 3.0 servlet spec do provide this). I've attached a quick
> patch that allows one to set a option for enforcing a size limit while doing
> the attachment parsing (similar to the threshold and temp dir options). The
> biggest question imo is how to best bubble up a appropriate error. I chose to
> subclass IOException and then later on transform it into a 413 (request size
> too large) HTTP response, but would welcome input on other approaches.
> I will attach a patch against CXF 2.2, but believe that it should also apply
> to newer versions.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
