Excessively large upload provides bad error message
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
KARL3 |
Fix Released
|
Medium
|
Shane Hathaway |
Bug Description
An upload limit was implemented for Bug #336978, but when the user exceeds that limit, the server responds with an HTTP 400 Bad Request error and the browser displays an error message that does not report what went wrong. This is so confusing to users that it's interfering with our ability to solve other problems, such as bug #366359.
Excessive uploads should be controlled 2 ways:
1) There should be a "hard" limit to prevent server abuse. This limit should be implemented as an Apache directive, since Apache can do this very easily. The hard limit should be much higher than 5 MB, because hitting this limit will result in the same kind of unhelpful error message that users see now.
2) There should be a "soft" limit that results in a friendly form validation error. This is where the 5 MB limit goes.
When an upload exceeds the soft limit but not the hard limit, KARL will still have to allocate memory to parse the entire form, but the uploaded file will be discarded.
Changed in karl3: | |
assignee: | nobody → shane-hathawaymix |
importance: | Undecided → Medium |
milestone: | none → m12 |
status: | New → In Progress |
Changed in karl3: | |
status: | Fix Committed → Fix Released |
Fixed in revision 2487.