> I believe the call to setBufferSize should have the ability to
> return the actual buffer size allocated, which may be more *or less*
> than that requested. This would allow the container to balance buffer
> allocation between servlets, and to
> refuse outrageously large buffer requests from broken, malicious or
> badly coded servlets.
If my servlet's malicious, or if I'm a poor coder, then I can still do
byte[] buf = new byte[HUGE_VALUE]
to chew the server.
Because the server must follow the setBufferSize() request, it makes
it a lot easier to write portable code. It's not just a performance
question, it's an issue of how much output a servlet can write and
still reset the response with an error code.
-jh-
--
Jason Hunter
[EMAIL PROTECTED]
Book: http://www.servlets.com/book
Article: http://www.javaworld.com/jw-12-1998/jw-12-servletapi.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
