----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, November 15, 2003 1:45 AM
Subject: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/coyote/tomcat5
CoyoteConnector.java CoyoteRequest.java LocalStrings.properties
> remm 2003/11/15 01:45:02
>
> Modified: catalina/src/share/org/apache/coyote/tomcat5
> CoyoteConnector.java CoyoteRequest.java
> LocalStrings.properties
> Log:
> - Add a limit to the size of a POST which will be processed using
getParameter
> (which does allocate a significant amount of objects).
>
> int len = getContentLength();
>
> if (len > 0) {
> + if (len > ((CoyoteConnector) connector).getMaxPostSize()) {
> + log(sm.getString("coyoteRequest.postTooLarge"));
> + return;
> + }
> try {
> byte[] formData = null;
> if (len < CACHED_POST_LEN) {
>
I'm -1 on this. It gives the Servlet no indication that anything is wrong,
and leaves junk in the input stream for the next keep-alive request. I
think that it would be better to handle this in the Adaptor's
postParseRequest method.
This message is intended only for the use of the person(s) listed above as the
intended recipient(s), and may contain information that is PRIVILEGED and
CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or
distribute this message or any attachment. If you received this communication in
error, please notify us immediately by e-mail and then delete all copies of this
message and any attachments.
In addition you should be aware that ordinary (unencrypted) e-mail sent through the
Internet is not secure. Do not send confidential or sensitive information, such as
social security numbers, account numbers, personal identification numbers and
passwords, to us via ordinary (unencrypted) e-mail.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
