Could you be more specific? In other words, which part of the
application were you using and what was the error message that you got?
You mentioned a problem uploading images... which baffles me the most
because the ESAPI changes are _only_ for String attributes on
services. What was the error that you got for that?
More details would be really helpful about the specific issue you're
running into. Beyond that as a generality (possibly not related to
what you're running into?), I agree that we should leave the default
pretty high, and I've just committed a change that does that.
-David
On Feb 23, 2009, at 4:52 PM, Al Byers wrote:
I guess one of the first places that we will run into ESAPI affects
is in
content management when we try to store images and the like that are
larger
than the default "maxInputSize" = 5000 specified in the antisamy-
esapi.xml
file.
What would be the best approach to dealing with this?
1. Just modify the maxInputSize value? I may want to limit files
that are
uploaded, but not content that is persisted some other way.
2. In that case do I override the createDataText service (which
would mean
overriding the "createTextContent" service)?
Are there any other options I am missing like specifically changing
the
value of allowHTML (if that were set to "any" there would be no
content
limits, right?) for a specific service call?
Thanks,
-Al
