Hello,
I would like to report a bug against the Apache Commons FileUpload 1.5.
However, because the JIRA is restricted, I do not have the authorization
to create a new issue.
Here is my bug report, and corresponding pull request with unittest+fix
**** TITLE :
FileCountMax limit incorrectly count both simple form fields and files
**** DESCRIPTION :
The set FileCountMax limit introduced in 1.5 incorrectly count both
simple form fields and files
As described in the javadoc, the setFileCountMax is "the maximum number
of files allowed per request."
Bug : current implementation throws an exception when the number of
fields reaches the limit, thus including both file and simple field.
Expected behavior :
Exception should only be thrown when number of *file* reaches the limit.
To prevent DoS in a practical manner, only files should be limited, as
number of simple form fields can be very large and should not be
limited.
**** Pull request / fix :
https://github.com/apache/commons-fileupload/pull/203
Thank you,
Olivier
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@commons.apache.org
For additional commands, e-mail: user-h...@commons.apache.org
