cocoon-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sylv...@apache.org
Subject svn commit: r280948 - in /cocoon: blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/ blocks/forms/trunk/samples/forms/ blocks/forms/trunk/samples/messages/ trunk/ trunk/src/java/org/apache/cocoon/servlet/multipart/ trunk/src/webapp/WEB-INF/
Date Wed, 14 Sep 2005 21:48:47 GMT
Author: sylvain
Date: Wed Sep 14 14:48:24 2005
New Revision: 280948

URL: http://svn.apache.org/viewcvs?rev=280948&view=rev
Log:
When upload size exceeds the configured limit, attach a RejectedPart to the request rather
than throwing an exception

Added:
    cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java   (with props)
Modified:
    cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/AbstractWidget.java
    cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/Upload.java
    cocoon/blocks/forms/trunk/samples/forms/file_explorer_model.xml
    cocoon/blocks/forms/trunk/samples/messages/FormsMessages.xml
    cocoon/blocks/forms/trunk/samples/messages/FormsMessages_fr.xml
    cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/MultipartParser.java
    cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/Part.java
    cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartInMemory.java
    cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartOnDisk.java
    cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RequestFactory.java
    cocoon/trunk/src/webapp/WEB-INF/web.xml
    cocoon/trunk/status.xml

Modified: cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/AbstractWidget.java
URL: http://svn.apache.org/viewcvs/cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/AbstractWidget.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/AbstractWidget.java (original)
+++ cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/AbstractWidget.java Wed
Sep 14 14:48:24 2005
@@ -25,6 +25,7 @@
 import org.apache.cocoon.forms.Constants;
 import org.apache.cocoon.forms.event.CreateEvent;
 import org.apache.cocoon.forms.event.WidgetEvent;
+import org.apache.cocoon.forms.validation.ValidationErrorAware;
 import org.apache.cocoon.forms.validation.WidgetValidator;
 import org.apache.cocoon.xml.AttributesImpl;
 import org.xml.sax.ContentHandler;
@@ -334,23 +335,24 @@
             return false;
         }
         // Definition successful, test local validators
-        if (this.validators == null) {
-            // No local validators
-            this.wasValid = true;
-            return true;
+        if (this.validators != null) {
+            Iterator iter = this.validators.iterator();
+            while(iter.hasNext()) {
+                WidgetValidator validator = (WidgetValidator)iter.next();
+                if (!validator.validate(this)) {
+                    this.wasValid = false;
+                    return false;
+                }
+            }
         }
 
-        // Iterate on local validators
-        Iterator iter = this.validators.iterator();
-        while(iter.hasNext()) {
-            WidgetValidator validator = (WidgetValidator)iter.next();
-            if (!validator.validate(this)) {
-                this.wasValid = false;
-                return false;
-            }
+        // Successful validation
+        
+        if (this instanceof ValidationErrorAware) {
+            // Clear validation error if any
+            ((ValidationErrorAware)this).setValidationError(null);
         }
 
-        // All local iterators successful
         this.wasValid = true;
         return true;
     }

Modified: cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/Upload.java
URL: http://svn.apache.org/viewcvs/cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/Upload.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/Upload.java (original)
+++ cocoon/blocks/forms/trunk/java/org/apache/cocoon/forms/formmodel/Upload.java Wed Sep 14
14:48:24 2005
@@ -24,6 +24,7 @@
 import org.apache.cocoon.forms.validation.ValidationError;
 import org.apache.cocoon.forms.validation.ValidationErrorAware;
 import org.apache.cocoon.servlet.multipart.Part;
+import org.apache.cocoon.servlet.multipart.RejectedPart;
 import org.apache.cocoon.xml.AttributesImpl;
 import org.apache.cocoon.xml.XMLUtils;
 import org.apache.commons.lang.ObjectUtils;
@@ -64,7 +65,7 @@
     }
 
     public Object getValue() {
-        return this.part;
+        return this.isValid() ? this.part : null;
     }
 
     public void setValue(Object object) {
@@ -94,8 +95,11 @@
             // Keep the request part
             requestPart.setDisposeWithRequest(false);
             this.part = requestPart;
-            this.validationError = null;
             getForm().addWidgetUpdate(this);
+            if (validateOversize()) {
+                // Clear any validation error
+                setValidationError(null);
+            }
 
         // If it's not a part and not null, clear any existing value
         // We also check if we're the submit widget, as a result of clicking the "..." button
@@ -105,7 +109,8 @@
                 this.part.dispose();
                 this.part = null;
             }
-            this.validationError = null;
+            setValidationError(null);
+            // Ensure we redisplay it
             getForm().addWidgetUpdate(this);
         }
 
@@ -117,39 +122,54 @@
         if (mimeTypes != null) {
             StringTokenizer tok = new StringTokenizer(mimeTypes, ", ");
             String contentType = this.part.getMimeType();
-            boolean found = false;
             while(tok.hasMoreTokens()) {
                 if (tok.nextToken().equals(contentType)) {
                     return true;
                 }
             }
+            setValidationError(new ValidationError(new I18nMessage("upload.invalid-type",
Constants.I18N_CATALOGUE)));
             return false;
         }
 
         // No mime type restriction
         return true;
     }
+    
+    /**
+     * Check if the part is oversized, and if yes sets the validation error accordingly
+     */
+    private boolean validateOversize() {
+        if (this.part.isRejected()) {
+            // Set a validation error indicating the sizes in kbytes (rounded)
+            RejectedPart rjp = (RejectedPart)this.part;
+            int size = (rjp.getContentLength() + 512) / 1024;
+            int maxSize = (rjp.getMaxContentLength() + 512) / 1024;
+            setValidationError(new ValidationError(new I18nMessage(
+                    "upload.rejected",
+                    new String[] { String.valueOf(size), String.valueOf(maxSize) },
+                    Constants.I18N_CATALOGUE))
+            );
+            return false;
+        } else {
+            return false;
+        }
+    }
 
     public boolean validate() {
         if (!getCombinedState().isValidatingValues()) {
             this.wasValid = true;
             return true;
         }
-        ValidationError newError = null;
 
         if (this.part == null) {
             if (this.uploadDefinition.isRequired()) {
-                newError = new ValidationError(new I18nMessage("general.field-required",
Constants.I18N_CATALOGUE));
-                getForm().addWidgetUpdate(this);
+                setValidationError(new ValidationError(new I18nMessage("general.field-required",
Constants.I18N_CATALOGUE)));
             }
-        } else if (!validateMimeType()) {
-            newError = new ValidationError(new I18nMessage("upload.invalid-type", Constants.I18N_CATALOGUE));
+        } else if (validateOversize() && validateMimeType()) {
+            super.validate();
         }
 
-        if (!ObjectUtils.equals(this.validationError, newError)) {
-            setValidationError(newError);
-        }
-        this.wasValid = validationError == null ? super.validate() : false;
+        this.wasValid = validationError == null;
         return this.wasValid;
     }
 
@@ -168,8 +188,10 @@
      * @param error the validation error
      */
     public void setValidationError(ValidationError error) {
-        this.validationError = error;
-        getForm().addWidgetUpdate(this);
+        if(!ObjectUtils.equals(this.validationError, error)) {
+            this.validationError = error;
+            getForm().addWidgetUpdate(this);
+        }
     }
 
     /**

Modified: cocoon/blocks/forms/trunk/samples/forms/file_explorer_model.xml
URL: http://svn.apache.org/viewcvs/cocoon/blocks/forms/trunk/samples/forms/file_explorer_model.xml?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/blocks/forms/trunk/samples/forms/file_explorer_model.xml (original)
+++ cocoon/blocks/forms/trunk/samples/forms/file_explorer_model.xml Wed Sep 14 14:48:24 2005
@@ -37,6 +37,8 @@
 			   var source = event.tree.model.getNode(event.path);
                 var filesPanel = event.source.lookupWidget("../files");
 			   filesPanel.model.setRootSource(source);
+                // Clear the message in the status bar
+                event.source.lookupWidget("../messages").value = "";
 		    }
 		 </fd:javascript>
 	  </fd:on-selection-changed>

Modified: cocoon/blocks/forms/trunk/samples/messages/FormsMessages.xml
URL: http://svn.apache.org/viewcvs/cocoon/blocks/forms/trunk/samples/messages/FormsMessages.xml?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/blocks/forms/trunk/samples/messages/FormsMessages.xml (original)
+++ cocoon/blocks/forms/trunk/samples/messages/FormsMessages.xml Wed Sep 14 14:48:24 2005
@@ -53,5 +53,6 @@
    <message key="aggregatedfield.split-failed">Content of this field does not
       match the following regular expression: {0}</message>
    <message key="upload.invalid-type">Invalid content type.</message>
+   <message key="upload.rejected">Upload size too large ({0} kbytes). Only {1} kbytes
are allowed.</message>
    <message key="calendar.alt">Calendar</message>
 </catalogue>

Modified: cocoon/blocks/forms/trunk/samples/messages/FormsMessages_fr.xml
URL: http://svn.apache.org/viewcvs/cocoon/blocks/forms/trunk/samples/messages/FormsMessages_fr.xml?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/blocks/forms/trunk/samples/messages/FormsMessages_fr.xml (original)
+++ cocoon/blocks/forms/trunk/samples/messages/FormsMessages_fr.xml Wed Sep 14 14:48:24 2005
@@ -54,5 +54,6 @@
 
   <message key="aggregatedfield.split-failed">Ne correspond pas à l'expression régulière:
{0}</message>
   <message key="upload.invalid-type">Type de fichier incorrect.</message>
+  <message key="upload.rejected">Téléchargement trop gros ({0} ko). Un maximum
de {1} ko est autorisé.</message>
   <message key="calendar.alt">Calendrier</message>
 </catalogue>

Modified: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/MultipartParser.java
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/MultipartParser.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/MultipartParser.java (original)
+++ cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/MultipartParser.java Wed Sep
14 14:48:24 2005
@@ -31,6 +31,8 @@
 
 import javax.servlet.http.HttpServletRequest;
 
+import org.apache.cocoon.util.NullOutputStream;
+
 /**
  * This class is used to implement a multipart request wrapper.
  * It will parse the http post stream and and fill it's hashtable with values.
@@ -62,6 +64,10 @@
     
     private Hashtable parts;
     
+    private boolean oversized = false;
+    
+    private int contentLength;
+    
     /**
      * Constructor, parses given request
      *
@@ -90,8 +96,9 @@
 
     private void parseParts(int contentLength, String contentType, InputStream requestStream)
     throws IOException, MultipartException {
+        this.contentLength = contentLength;
         if (contentLength > this.maxUploadSize) {
-            throw new IOException("Content length exceeds maximum upload size");
+            this.oversized = true;
         }
 
         BufferedInputStream bufferedStream = new BufferedInputStream(requestStream);
@@ -213,10 +220,12 @@
             throws IOException, MultipartException {
 
         byte[] buf = new byte[FILE_BUFFER_SIZE];
-        OutputStream out = null;
+        OutputStream out;
         File file = null;
 
-        if (!saveUploadedFilesToDisk) {
+        if (oversized) {
+            out = new NullOutputStream();
+        } else if (!saveUploadedFilesToDisk) {
             out = new ByteArrayOutputStream();
         } else {
             String fileName = (String) headers.get("filename");
@@ -232,7 +241,6 @@
             if (!allowOverwrite && !file.createNewFile()) {
                 if (silentlyRename) {
                     int c = 0;
-
                     do {
                         file = new File(filePath + c++ + "_" + fileName);
                     } while (!file.createNewFile());
@@ -245,11 +253,13 @@
             out = new FileOutputStream(file);
         }
 
+        int length = 0; // Track length for OversizedPart
         try {
             int read = 0;
             while (in.getState() == TokenStream.STATE_READING) {
                 // read data
                 read = in.read(buf);
+                length += read;
                 out.write(buf, 0, read);
             }
         } catch (IOException ioe) {
@@ -262,14 +272,15 @@
         } finally {
             if ( out!=null ) out.close();
         }
-
-        if (file == null) {
+        
+        String name = (String)headers.get("name");
+        if (oversized) {
+            this.parts.put(name, new RejectedPart(headers, length, this.contentLength, this.maxUploadSize));
+        } else if (file == null) {
             byte[] bytes = ((ByteArrayOutputStream) out).toByteArray();
-
-            this.parts.put(headers.get("name"),
-                    new PartInMemory(headers, new ByteArrayInputStream(bytes),bytes.length));
+            this.parts.put(name, new PartInMemory(headers, new ByteArrayInputStream(bytes),
bytes.length));
         } else {
-            this.parts.put(headers.get("name"), new PartOnDisk(headers, file));
+            this.parts.put(name, new PartOnDisk(headers, file));
         }
     }
 

Modified: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/Part.java
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/Part.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/Part.java (original)
+++ cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/Part.java Wed Sep 14 14:48:24
2005
@@ -15,17 +15,28 @@
  */
 package org.apache.cocoon.servlet.multipart;
 
+import java.io.FileOutputStream;
+import java.io.IOException;
 import java.io.InputStream;
+import java.io.OutputStream;
 import java.util.Map;
 
+import org.apache.avalon.excalibur.io.IOUtil;
 import org.apache.avalon.framework.activity.Disposable;
+import org.apache.excalibur.source.ModifiableSource;
 
 
 /**
- * This (abstract) class represents a file part parsed from a http post stream.
+ * This abstract class represents a file part parsed from a http post stream. The concrete
+ * class, {@link PartOnDisk} or {@link PartInMemory} that is used depends on the upload configuration
+ * in <code>web.xml</code>.
+ * <p>
+ * If uploaded data size exceeds the maximum allowed upload size (also specified in <code>web.xml</code>),
+ * then an {@link RejectedPart} is used, from which no data can be obtained, but which gives
some
+ * information on the rejected uploads.
  *
  * @author <a href="mailto:j.tervoorde@home.nl">Jeroen ter Voorde</a>
- * @version CVS $Id: Part.java,v 1.4 2004/03/05 13:02:58 bdelacretaz Exp $
+ * @version CVS $Id$
  */
 public abstract class Part implements Disposable {
 
@@ -61,6 +72,16 @@
      * Returns the length of the file content
      */
     public abstract int getSize();
+    
+    /**
+     * Is this part a rejected part? Provided as an alternative to <code>instanceof
RejectedPart</code>
+     * in places where it's not convenient such as flowscript.
+     * 
+     * @return <code>true</code> if this part was rejected
+     */
+    public boolean isRejected() {
+        return false;
+    }
 
     /**
      * Returns the mime type (or null if unknown)
@@ -92,5 +113,43 @@
      * Returns an InputStream containing the file data
      * @throws Exception
      */
-    public abstract InputStream getInputStream() throws Exception;
+    public abstract InputStream getInputStream() throws IOException;
+
+    /**
+     * Convenience method to copy a part to a modifiable source.
+     * 
+     * @param source the modifiable source to write to
+     * @throws IOException
+     * @since 2.1.8
+     */
+    public void copyToSource(ModifiableSource source) throws IOException {
+        InputStream is = getInputStream();
+        OutputStream os = source.getOutputStream();
+        IOUtil.copy(is, os);
+        is.close();
+        os.close();
+    }
+    
+    /**
+     * Convenience method to copy a part to a file.
+     * 
+     * @param filename name of the file to write to
+     * @throws IOException
+     * @since 2.1.8
+     */
+    public void copyToFile(String filename) throws IOException {
+        InputStream is = getInputStream();
+        OutputStream os = new FileOutputStream(filename);
+        IOUtil.copy(is, os);
+        is.close();
+        os.close();
+    }
+    
+    /**
+     * Dispose any resources held by this part, such as a file or memory buffer.
+     * <p>
+     * Disposal occurs in all cases when the part is garbage collected, but calling it explicitely
+     * allows to cleanup resources more quickly.
+     */
+    public abstract void dispose();
 }

Modified: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartInMemory.java
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartInMemory.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartInMemory.java (original)
+++ cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartInMemory.java Wed Sep 14
14:48:24 2005
@@ -15,6 +15,7 @@
  */
 package org.apache.cocoon.servlet.multipart;
 
+import java.io.IOException;
 import java.io.InputStream;
 import java.util.Map;
 
@@ -62,11 +63,12 @@
      *
      * @throws Exception
      */
-    public InputStream getInputStream() throws Exception {
+    public InputStream getInputStream() throws IOException {
         if (this.in != null) {
             return this.in;
+        } else {
+            throw new IllegalStateException("This part has already been disposed.");
         }
-        throw new IllegalStateException("This part has already been disposed.");
     }
     
     /**

Modified: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartOnDisk.java
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartOnDisk.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartOnDisk.java (original)
+++ cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/PartOnDisk.java Wed Sep 14 14:48:24
2005
@@ -17,6 +17,7 @@
 
 import java.io.File;
 import java.io.FileInputStream;
+import java.io.IOException;
 import java.io.InputStream;
 import java.util.Map;
 
@@ -74,7 +75,7 @@
      *
      * @throws Exception
      */
-    public InputStream getInputStream() throws Exception {
+    public InputStream getInputStream() throws IOException {
         if (this.file != null) {
             return new FileInputStream(file);
         }
@@ -88,6 +89,9 @@
         return file.getPath();
     }
     
+    /**
+     * Delete the underlying file.
+     */
     public void dispose() {
         if (this.file != null) {
             this.file.delete();
@@ -95,6 +99,9 @@
         }
     }
     
+    /**
+     * Ensures the underlying file has been deleted
+     */
     public void finalize() throws Throwable {
         // Ensure the file has been deleted
         dispose();

Added: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java?rev=280948&view=auto
==============================================================================
--- cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java (added)
+++ cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java Wed Sep 14
14:48:24 2005
@@ -0,0 +1,94 @@
+/*
+ * Copyright 1999-2005 The Apache Software Foundation.
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.cocoon.servlet.multipart;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Map;
+
+/**
+ * An upload part that was rejected because request length exceeded the maximum upload size.
+ * 
+ * @version $Id$
+ * @since 2.1.8
+ */
+public class RejectedPart extends Part {
+    
+    private int size;
+    public int contentLength;
+    public int maxContentLength;
+
+    public RejectedPart(Map headers, int partSize, int contentLength, int maxContentLength)
{
+        super(headers);
+        this.size = partSize;
+        this.contentLength = contentLength;
+        this.maxContentLength = maxContentLength;
+    }
+
+    public String getFileName() {
+        return (String) headers.get("filename");
+    }
+
+    /**
+     * Get the size of this part.
+     * 
+     * @return the size in bytes
+     */
+    public int getSize() {
+        return this.size;
+    }
+    
+    /**
+     * Get the maximum allowed upload size. Not that this applies to the full request content
length,
+     * including multipart boundaries and other form data values.
+     * <p>
+     * This means that an upload part can be rejected although it's individual size is (a
bit) smaller
+     * than the maximum size. It is therefore advisable to use {@link #getContentLength()}
to build
+     * error messages rather than {@link #getSize()}.
+     * 
+     * @return the maximum content length in bytes
+     */
+    public int getMaxContentLength() {
+        return this.maxContentLength;
+    }
+
+    /**
+     * Get the content length of the request that cause this part to be rejected.
+     * 
+     * @return the content length in bytes
+     */
+    public int getContentLength() {
+        return this.contentLength;
+    }
+    /**
+     * Always throw an <code>IOException</code> as this part was rejected.
+     */
+    public InputStream getInputStream() throws IOException {
+        throw new IOException("Multipart element '" + getFileName() + "' is too large ("
+
+                this.size + " bytes) and was discarded.");
+    }
+
+    /**
+     * Always return <code>true</code>
+     */
+    public boolean isRejected() {
+        return true;
+    }
+
+    public void dispose() {
+        // nothing
+    }
+}

Propchange: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RejectedPart.java
------------------------------------------------------------------------------
    svn:keywords = Id

Modified: cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RequestFactory.java
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RequestFactory.java?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RequestFactory.java (original)
+++ cocoon/trunk/src/java/org/apache/cocoon/servlet/multipart/RequestFactory.java Wed Sep
14 14:48:24 2005
@@ -26,7 +26,7 @@
  * This is the interface of Request Wrapper in Cocoon.
  *
  * @author <a href="mailto:dims@yahoo.com">Davanum Srinivas</a>
- * @version CVS $Id: RequestFactory.java,v 1.3 2004/03/05 13:02:58 bdelacretaz Exp $
+ * @version CVS $Id$
  */
 public class RequestFactory {
 
@@ -74,9 +74,6 @@
         String contentType = request.getContentType();
         
         if ((contentType != null) && (contentType.toLowerCase().indexOf("multipart/form-data")
> -1)) {
-            if (request.getContentLength() > maxUploadSize) {
-                throw new IOException("Content length exceeds maximum upload size.");
-            }
  
             String charEncoding = request.getCharacterEncoding();
             if (charEncoding == null || charEncoding.equals("")) {

Modified: cocoon/trunk/src/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewcvs/cocoon/trunk/src/webapp/WEB-INF/web.xml?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/src/webapp/WEB-INF/web.xml (original)
+++ cocoon/trunk/src/webapp/WEB-INF/web.xml Wed Sep 14 14:48:24 2005
@@ -189,12 +189,12 @@
 
     <!--
       Causes all files in multipart requests to be processed.
-      Default is false for security reasons.
+      Default is true but the maximum allowed size is kept small for security reasons.
       Unsupported values will be interpreted as false.
     -->
     <init-param>
       <param-name>enable-uploads</param-name>
-      <param-value>false</param-value>
+      <param-value>true</param-value>
     </init-param>
 
     <!--
@@ -234,12 +234,12 @@
 
     <!--
       Specify maximum allowed size of the upload. Defaults to 10 Mb.
-
+      Set here to a very low 100 kb to allow samples to run.
+    -->
     <init-param>
       <param-name>upload-max-size</param-name>
-      <param-value>10000000</param-value>
+      <param-value>102400</param-value>
     </init-param>
-    -->
 
     <!--
       This parameter allows to specify where Cocoon should create its page

Modified: cocoon/trunk/status.xml
URL: http://svn.apache.org/viewcvs/cocoon/trunk/status.xml?rev=280948&r1=280947&r2=280948&view=diff
==============================================================================
--- cocoon/trunk/status.xml (original)
+++ cocoon/trunk/status.xml Wed Sep 14 14:48:24 2005
@@ -561,6 +561,15 @@
    </action>
   </release>
   <release version="2.1.8" date="TBD">
+    <action dev="SW" type="update">
+      When the upload size exceeds the configured limit, an RejectedPart is associated to
the request
+      rather than throwing a exception at the servlet level. This allows the application
to handle
+      oversized uploads and provide meaningful messages. The upload widget in CForms has
been updated
+      to use this new feature.
+      <br/>
+      Uploads are now allowed in the provided web.xml, but with a low 100 kbytes limit to
allow samples
+      to be functional without endangering security.
+    </action>
     <action dev="AG" type="update">
       Updated log4j to 1.2.12, asm to 2.0, asm-util to 2.0,
        groovy to 1.0-jsr-03.



Mime
View raw message