perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Interrupting a POST with file upload
Date Wed, 08 Feb 2012 22:03:58 GMT
Joe Schaefer wrote:
> I don't think people groked my point very well.  When you POST
> via HTTP/1.1, httpd will send a "Continue: 100" header before it
> starts doing blocking reads on the client socket (any attempts to
> read from the client will trigger this behavior). If you really
> want to interrupt an upload, the time to do it is *before* httpd
> sends that header.  Afterwards httpd commits to reading the entire
> request in *before it lets you send a response* in order to maintain
> protocol compliance.

So basically, it means that there is no way to stop an upload, once the browser has 
started to send the file, right ?

The best you could do, is before you start reading, check if there was a Content-length 
header in the request, and if there was, check if the size it says is lower/equal to what

you are prepared to accept (aka what this user is still allowed to upload e.g.).
- if it is ok, then start reading
- if it is not ok, send an error response to block the POST, before you read
(preferably a nice one, to let the user know why it does not work)

All this depends on 2 things :
- that there was a Content-length header in the request (which is not necessarily the case

if "chunked" encoding is allowed on the part of a client)
- that the fact of retrieving the request header does not automatically cause the reading

and parsing of the whole request body

All the above just guessing, and awaiting confirmation...

(And all the above, and the rest of this discussion, assuming that the POST can be large 
enough that it all matters (like uploading a multi-MB file e.g.))

> 
> 
> For reasons that escape me it doesn't look like mod_perl exposes
> r->remaining, which is the thing to check when looking at the
> pending number of bytes the client wants to send.  If I'm not wrong
> that should be easy enough for us to address. apreq won't read
> anything in in this situation tho, so you're good on that front.
> CGI.pm I'd bet doesn't try to read either if the pending data
> is too big, but I haven't looked at that codebase in a long time.
> 
> 
> ----- Original Message -----
>> From: Vincent Veyron <vv.lists@wanadoo.fr>
>> To: mike cardeiro <mcardeiro@yahoo.com>
>> Cc: Torsten Förtsch <torsten.foertsch@gmx.net>; "modperl@perl.apache.org"
<modperl@perl.apache.org>
>> Sent: Wednesday, February 8, 2012 4:24 PM
>> Subject: Re: Interrupting a POST with file upload
>>
>> Le mercredi 08 février 2012 à 05:53 -0800, mike cardeiro a écrit :
>>>   This is a fantastic list!
>> Agreed.
>>
>> On the same note : I was recently presenting the legal case management
>> app in my sig to an institutional client in the south of France, and the
>> IT guy said that it had a 'fantastic architecture' (I assume he was
>> talking about mod_perl).
>>
>> -- 
>> Vincent Veyron
>> http://marica.fr/
>> Logiciel de gestion des sinistres et des contentieux pour le service juridique
>>
> 


Mime
View raw message