DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22633>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=22633 Document how to use web.xml "maxFileSize" and how to deal with "MaxLengthExceededException" Summary: Document how to use web.xml "maxFileSize" and how to deal with "MaxLengthExceededException" Product: Struts Version: 1.0 Final Platform: Other URL: http://www.mail-archive.com/struts- [EMAIL PROTECTED]/msg15407.html OS/Version: Other Status: NEW Severity: Enhancement Priority: Other Component: Documentation AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] As per the above-referenced mailing list discussion thread, I run into two problems: 1) the browser appears to upload the entire file that is bigger than the maxFileSize and only after completing the upload, MaxLengthExceededException is thrown. (If that is really true, this is not particularly defensive against denial of service attacks) 2) I get the MaxLengthExceededException as a stack-trace, but it doesn't appear that I can catch this exception in any of my "struts.jar-user" .java files. ------ 3) Also, is there a way not to specify this on the global web.xml level, but on a case by case basis? Depending on the user classes I attribute a user-session to, I would like to vary this value: highly trusted users shall be able to upload more than anonymous users. Since after quite some searching, I didn't find an answer to this, I suggest to enhance the documentation correspondingly. or more recent post to the same topic: http://marc.theaimsgroup.com/?l=struts-user&m=104332226122935&w=2 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
