Uploaded image for project: 'Struts 1'
  1. Struts 1
  2. STR-1984

warn that maxlength validator only active after physical upload (unfortunately not "fast-fail")

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.1.0
    • Fix Version/s: Future
    • Component/s: Documentation
    • Labels:
      None
    • Environment:
      Operating System: other
      Platform: Other
    • Bugzilla Id:
      27062

      Description

      at the above URL, I suggest to mention that the validator only becomes effective
      AFTER the upload has been completed.

      When testing the bounday, I had no problems uploading 110k of data into a field
      configured to hold only 100 characters.

      Not particularly Denial-of-Service Attack resistant.

      I guess this is a related topic to the file size validator as per STR-1705 and
      STR-1394.

      As a side note - when loading 110 K into a simple text form field, my two weeks
      old Mozilla build no longer displays any "ink", but just whitespaces.
      Upon the error, struts sends the humongeous string value back as
      <input name="forename" size="75" tabindex="1" value= type="text">
      Obviously, the whitespace is a lot longer. When trying to hilight the value=...
      all of a sudden, the content becomes visible...

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              hauser@acm.org Ralf Hauser
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated: