W3C home > Mailing lists > Public > www-validator@w3.org > May 2000

Re: File Upload

From: Curtis \(Jewell\) Whalen <curtis_whalen@geocities.com>
Date: Wed, 17 May 2000 04:07:12 -0500
Message-ID: <004c01bfbfdf$4f4fb820$080e3dce@FIRST>
To: <www-validator@w3.org>
I don't know about any way to prevent it than to track how much has been
downloaded for the whole POST and
when you get past a certain number of bytes, stop, drop the input
connection, and return a HTTP 413 (POST Too Large) code.

I do not know if the validator does this.

This is what Perl's CGI.pm module does in its newest versions, (2.66 does
it, 2.56 I don't think so) so it makes things easy for me.

use CGI;
$CGI::POST_MAX = 1024 * 120;  # max 120K posts


----- Original Message -----
From: "Stephen Turner" <sturner@MIT.EDU>
To: <www-validator@w3.org>
Sent: Tuesday, May 16, 2000 5:24 PM
Subject: File Upload


> Hello,
>
> I was just looking at the file-upload feature on your
> validation service and I was curious - do you have anything
> in place to prevent mischief such as a gigabyte binary file
> being uploaded? I'm working on a web-based file upload myself
> and I'm not sure how to prevent this.
>
> Thanks,
> Steve Turner.
>


__________________________________________________
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
Received on Wednesday, 17 May 2000 05:11:10 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 25 April 2012 12:13:53 GMT