Menu
I'm currently implementing functionality for uploading files using jersey rest. I would like to set a maximum allowed file size which to me seems like a pretty common requirement.
My first approach was to use Jerseys FormDataContentDisposition which should hold all the information I could possibly need about the file. But all information except the file name seems to be missing, including file size.
This is my rest method:
@POST
@Path("uploadFile/")
@Consumes("multipart/form-data")
@Produces("text/html")
public String handleDocumentUpload(
@FormDataParam("file") InputStream uploadedInputStream,
@FormDataParam("file") FormDataContentDisposition fileDetail)
{
if(fileDetail.getSize() > MAX_FILE_SIZE)
{
throw new IllegalArgumentException(
"File is to big! Max size is " + MAX_FILE_SIZE);
}
// ...more file handling logic
}
Which isn't working since the returned size is always "-1"!
I use a extremely simple html form for the file upload:
<html>
<head>
<title>File upload</title>
</head>
<body>
<p>Choose file</p>
<form enctype="multipart/form-data" method="POST" action="uploadFile">
<input type="file" name="file" size="50">
<input type="submit" value="Upload">
</form>
</body>
</html>
So now to my question; how would you enforce a file size restriction using jersey? There must be some simple way without having to resort to reading the whole file into memory (ByteArray) and then get the actuall size, right?
833
The upload module limits the size of a single attachment to be less than either post_max_size, or upload_max_filesize, whichever is smaller. The default PHP values are 2 MB for upload_max_filesize, and 8 MB for post_max_size.
As implemented, the maximum NTFS file size is 16 TB. With Windows 8, the maximum NTFS file size is 256 TB.
If the client does not send the file size, fall back to reading the file from stream. Once you hit the size limit, stop reading and refuse the file. You should do this anyway, since you can't trust the client (anyone can create an app that sends http requests to your service and those requests may not have correct data you expect - so have to take that into account).
In addition, it may be possible to add some validation to the web form as well to fail fast, but I am not a JavaScript expert, so not sure if/how that can be done.
196
If you're using tomcat you can set the the size threshold at which the file will be written to the disk to a sensible value for your machine.
e.g. if the servlet is in web.xml
<servlet>
<servlet-name>Upload Servlet</servlet-name>
<servlet-class>YourServletName</servlet-class>
<multipart-config>
<!-- 10MB of files -->
<max-file-size>10485760</max-file-size>
<!-- 10KB of form data -->
<max-request-size>10240</max-request-size>
<!-- Buffer to disk over 512KB -->
<file-size-threshold>524288</file-size-threshold>
</multipart-config>
</servlet>
or using annotations:
@MultipartConfig(
maxFileSize=10485760, // 10Mb max
fileSizeThreshold=524288, //512 Kb before buffering to disk
maxRequestSize=10240 // 10Kb of meta data
location=/tmp // with permission to write, default uses tomcat tmp
)
With reference to HttpRequest maximum allowable size in tomcat?
33
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
