0

There's a project at my company which requires users to be able to almost-freely upload files to the server. There's some restrictions on file type, but more importantly we need a restriction on file size.

Most solutions we're finding to limit the file size involve uploading the document and then checking it size, deleting or acting upon it if the file size is bigger than allowed. Ideally, we would like a solution that constantly checks the uploaded size up until certain moment, and ignores the rest of the file and throws an error if the sum of the parts uploaded are bigger than allowed.

I think this must be possible as the uploading process takes part via a multipart request, but I'm having trouble finding info on how to do this. Any help would be greatly appreciated.

Thanks!

tim_yates
  • 167,322
  • 27
  • 342
  • 338
joaquinlpereyra
  • 956
  • 7
  • 17
  • Without a sample of your implementation, it's impossible to give you an answer. While you should still have a fail-safe server-side, why can't you verify client-side before the upload even starts? Then, can't you just check the file size on disk before writing/confirming the upload was successful? – Christopher Schneider Jan 03 '17 at 16:40
  • might be a tut moment for you here http://stackoverflow.com/questions/7497404/get-file-size-before-uploading - you can do it using javascript even before upload – V H Jan 03 '17 at 16:51
  • Checking only client side leaves us at the hand of a malicious attacker trying to fill up our disks by sending multiple or very big files to the site, though, so that solution isn't enough from a security standpoint. – joaquinlpereyra Jan 03 '17 at 19:42

1 Answers1

0

Try using the Spring Boot way:

spring.http.multipart.max-file-size=128KB
spring.http.multipart.max-request-size=128KB

ref: https://spring.io/guides/gs/uploading-files/

I have not tested it though.

bassmartin
  • 525
  • 2
  • 9