Don't know about the input stream part too much, Frank, but as you are writing to an output stream, which is the upload application part, you can certainly monitor percentages. I do it as indicated in posts on this thread.
Jack On Mon, 7 Mar 2005 14:03:23 -0500 (EST), Frank W. Zammetti <[EMAIL PROTECTED]> wrote: > Yep, just not possible to know the size before-hand, as Tim already said > (and you knew :)). > > Even the status monitor you were talking about wouldn't really be > possible. Well, not if the intention is to give a REAL status (i.e., > percentage complete), for obvious reasons: if you don't know the total, > you can't calculate a percentage. What IS possible of course is a nice > little "Please wait while uploading file" type thing. But, it would be > strictly client-side. I actually do this, not just for uploads but for > ALL my form submissions, in a couple of apps I've written. All I do is > have a hidden layer with the "please wait" content, then just show it on > the form's submission (hiding the layer that contains the displayed > content), and off you go. > > As for the applet approach, that would certainly work (as would an ActiveX > control for the IE folks), but I personally wouldn't use such a beast, > only because I loath applets. :) > > You raise a good point about it being a security hole. Since the data is > being streamed from the browser to the server, than at some point you must > be able to say "hey, we've recieved 10MB, and that's our limit, so let's > cut this connection off", just to avoid the issue. I'm not sure where you > would do such a thing, maybe a filter? Not sure Commons Upload would > support such a thing, but it not, that might not make a bad patch > suggestion. > > -- > Frank W. Zammetti > Founder and Chief Software Architect > Omnytex Technologies > http://www.omnytex.com > > On Mon, March 7, 2005 1:50 pm, Leon Rosenberg said: > >> > >> HTML/HTTP doesn't support that, IMHO. The <input > >> type="file"...> tag just grabs the file and starts sending > >> it. The server has no clue how large the file is until the > >> entire thing arrives. > > > > That is what I know too. And this is ugly. > > IMHO it's a fat security hole, since it's really easy for a script kidie > > to > > create > > an upload script and kill yourself with meaningless data instead of pix or > > whatever you permit to upload. > > > > Maybe a small signed java applet could close this hole? > > I would participate in writing one, if it's for interest to more people. > > > > Regards > > Leon > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- "You can lead a horse to water but you cannot make it float on its back." ~Dakota Jack~ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
