Yep, just not possible to know the size before-hand, as Tim already said (and you knew :)).
Even the status monitor you were talking about wouldn't really be possible. Well, not if the intention is to give a REAL status (i.e., percentage complete), for obvious reasons: if you don't know the total, you can't calculate a percentage. What IS possible of course is a nice little "Please wait while uploading file" type thing. But, it would be strictly client-side. I actually do this, not just for uploads but for ALL my form submissions, in a couple of apps I've written. All I do is have a hidden layer with the "please wait" content, then just show it on the form's submission (hiding the layer that contains the displayed content), and off you go. As for the applet approach, that would certainly work (as would an ActiveX control for the IE folks), but I personally wouldn't use such a beast, only because I loath applets. :) You raise a good point about it being a security hole. Since the data is being streamed from the browser to the server, than at some point you must be able to say "hey, we've recieved 10MB, and that's our limit, so let's cut this connection off", just to avoid the issue. I'm not sure where you would do such a thing, maybe a filter? Not sure Commons Upload would support such a thing, but it not, that might not make a bad patch suggestion. -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com On Mon, March 7, 2005 1:50 pm, Leon Rosenberg said: >> >> HTML/HTTP doesn't support that, IMHO. The <input >> type="file"...> tag just grabs the file and starts sending >> it. The server has no clue how large the file is until the >> entire thing arrives. > > That is what I know too. And this is ugly. > IMHO it's a fat security hole, since it's really easy for a script kidie > to > create > an upload script and kill yourself with meaningless data instead of pix or > whatever you permit to upload. > > Maybe a small signed java applet could close this hole? > I would participate in writing one, if it's for interest to more people. > > Regards > Leon > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
