You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@commons.apache.org by "Jochen Wiedmann (JIRA)" <ji...@apache.org> on 2007/01/09 22:59:27 UTC
[jira] Resolved: (FILEUPLOAD-115) Filupload does no validation of
accept attribute nor maxFileSize defined for the ExtensionFilter
[ https://issues.apache.org/jira/browse/FILEUPLOAD-115?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jochen Wiedmann resolved FILEUPLOAD-115.
----------------------------------------
Resolution: Cannot Reproduce
No response by user, closing.
> Filupload does no validation of accept attribute nor maxFileSize defined for the ExtensionFilter
> ------------------------------------------------------------------------------------------------
>
> Key: FILEUPLOAD-115
> URL: https://issues.apache.org/jira/browse/FILEUPLOAD-115
> Project: Commons FileUpload
> Issue Type: Bug
> Environment: jboss-4.0.4
> tomahawk-1.1.3 (also tested with 1.1.5 nigthly from today)
> commons-fileupload-1.1.1
> Reporter: Christian Nolte
>
> inputFileUpload does no validation check and so no messages are issued to the client when the mime-type does not match (accept-attribute) nor when the file size exceeds maxFileSize defined for the ExtensionFilter. I implemented a test using the information from http://wiki.apache.org/myfaces/Setup_For_File_Uploads. The code looks like that:
> ---
> <h:form enctype="multipart/form-data" id="upload">
> <t:inputFileUpload
> id="file"
> storage="file"
> accept="image/*"
> value="#{FileUploader.uploadedFile}"/>
> <h:message for="file" showDetail="true" />
> <h:commandButton id="uploadButton" action="#{FileUploader.upload}"/>
> </h:form>
> ---
> No error messages are displayed and so a client is able to upload any files he wants. I also tested this behaviour with the latest tomahawk-examples-1.1.5-NIGHTLY (fileupload-example) and got the same behaviour there.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org