Thanks guys!
Ole
On 09/03/2011 10:51 AM, Konstantin Preißer wrote:
Hi,
-Original Message-
From: Jonathan Soons [mailto:jso...@juilliard.edu]
Sent: Saturday, September 03, 2011 2:24 PM
To: Ole Ersoy; Tomcat Users List
Subject: RE: Servlet 3.0 File Upload
You need to add a line
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 9/3/2011 11:51 AM, Konstantin Preißer wrote:
What I usually do to get the filename is:
Part uploadPart = request.getPart(uploadfield); // get the Part
String contDispoHeader =
uploadPart.getHeader(Content-Disposition); // get
Hi Chris,
It seems dangerous to allow the client to specify the file name. All
kinds of bad things can happen such as specifying special file names
(does PRN still work in win32? through Java?) or overwriting files
from other clients.
I would highly recommend that some portion of the
This must be about the worst advice I have ever seen.
What about someone typing e.g. /etc/passwd in that text box?
If you allow people to upload files to your server, you should create your own location
and naming scheme for the uploaded files. You should not even use the original filename,
Thank you for the advice. I'll stick to hard coded file locations and names :).
Thanks again,
- Ole
On 09/05/2011 03:22 AM, André Warnier wrote:
This must be about the worst advice I have ever seen.
What about someone typing e.g. /etc/passwd in that text box?
If you allow people to upload
Thank you for the advice. I'll stick to hard coded file locations and names :).
Thanks again,
- Ole
On 09/05/2011 03:22 AM, André Warnier wrote:
This must be about the worst advice I have ever seen.
What about someone typing e.g. /etc/passwd in that text box?
If you allow people to upload
You need to add a line in in your form:
input type=text name=filename /
Then in your servlet GetPost() method you put this filename in a variable:
String filename;
filename = req.getParameter(filename);
Then instead of part.write(samplefile);
do:
part.write(filename);
Jonathan Soons
Hi,
-Original Message-
From: Jonathan Soons [mailto:jso...@juilliard.edu]
Sent: Saturday, September 03, 2011 2:24 PM
To: Ole Ersoy; Tomcat Users List
Subject: RE: Servlet 3.0 File Upload
You need to add a line in in your form:
input type=text name=filename /
Then in your
You need to add a line in in your form:
input type=text name=filename /
Then in your servlet GetPost() method you put this filename in a
variable:
String filename;
filename = req.getParameter(filename);
Then instead of part.write(samplefile);
do:
part.write(filename);
Hi,
-Original Message-
From: cjder...@gmail.com [mailto:cjder...@gmail.com] On Behalf Of chris
derham
Sent: Saturday, September 03, 2011 6:51 PM
To: Tomcat Users List
Subject: Re: Servlet 3.0 File Upload
Letting the remote user control the name of the file that is written
Never mind...I see the example hard codes the name of the file. Sorry for the
noise.
On 09/02/2011 05:50 PM, Ole Ersoy wrote:
Hi,
I have a working file upload servlet, with the exception that it calls
the uploaded file samplefile instead of using the name of the file. So
if I upload
11 matches
Mail list logo
