httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fakessh <>
Subject Re: [users@httpd] A newbie question about http post
Date Mon, 04 Oct 2010 18:32:07 GMT
use the ajax librairie for upload
and active the javascript into the formulaire and control all the
variables to the upload

it's nice way

Le lundi 04 octobre 2010 à 14:23 -0400, Pito Salas a écrit :
> I was having a debate with a friend of mine. Can you clear this up?
> Is it true that I can do an http post to any apache/httpd server and
> get it to upload a file? It would seem like an application should give
> permission, or at least that httpd could be configured so that an
> application needs to give permission.
> In other words:
> <form action="" method="post" multipart="yes">
>   <input type="file" name="big"/>
>   <input type="submit" value="go"/>
> </form>
> Will the server accept and process all the gazillion bits of the file
> even if no application has said it wants it?
> I know it's probably a dumb question (he says it is) but it seems to
> be such a big opening for a DOS attack that I can't believe it's
> possible.
> Thanks for any insights (or references where the answer is explained)
> - Pito

gpg --keyserver --recv-key 092164A7

View raw message