Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
1.1.0
-
None
-
Operating System: other
Platform: Other
-
27062
Description
at the above URL, I suggest to mention that the validator only becomes effective
AFTER the upload has been completed.
When testing the bounday, I had no problems uploading 110k of data into a field
configured to hold only 100 characters.
Not particularly Denial-of-Service Attack resistant.
I guess this is a related topic to the file size validator as per STR-1705 and
STR-1394.
As a side note - when loading 110 K into a simple text form field, my two weeks
old Mozilla build no longer displays any "ink", but just whitespaces.
Upon the error, struts sends the humongeous string value back as
<input name="forename" size="75" tabindex="1" value= type="text">
Obviously, the whitespace is a lot longer. When trying to hilight the value=...
all of a sudden, the content becomes visible...