You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@struts.apache.org by bu...@apache.org on 2004/02/19 09:13:23 UTC
DO NOT REPLY [Bug 27062] New: -
warn that maxlength validator only active after physical upload
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27062>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=27062
warn that maxlength validator only active after physical upload
Summary: warn that maxlength validator only active after physical
upload
Product: Struts
Version: 1.1 Final
Platform: Other
URL: http://jakarta.apache.org/struts/userGuide/dev_validator
.html#builtin
OS/Version: Other
Status: NEW
Severity: Enhancement
Priority: Other
Component: Validator Framework
AssignedTo: struts-dev@jakarta.apache.org
ReportedBy: hauser@acm.org
at the above URL, I suggest to mention that the validator only becomes effective
AFTER the upload has been completed.
When testing the bounday, I had no problems uploading 110k of data into a field
configured to hold only 100 characters.
Not particularly Denial-of-Service Attack resistant.
I guess this is a related topic to the file size validator as per Bug 22633 and
Bug 18981.
As a side note - when loading 110 K into a simple text form field, my two weeks
old Mozilla build no longer displays any "ink", but just whitespaces.
Upon the error, struts sends the humongeous string value back as
<input name="forename" size="75" tabindex="1" value= type="text">
Obviously, the whitespace is a lot longer. When trying to hilight the value=...
all of a sudden, the content becomes visible...
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-dev-help@jakarta.apache.org