0

I have a Java web application, which is working on Apache Tomcat. Application uploads a file. File size should be less than 10Mb, and the extension should be, for example, "jpg".

  @PostMapping(value = "/register", 
               consumes = {MediaType.MULTIPART_FORM_DATA_VALUE, MediaType.APPLICATION_JSON_VALUE})
  public ResponseEntity<User> register(
             @RequestPart(value = "file", required = false) MultipartFile uploadFile, 
             @RequestPart(value = "registrationData") UserRegistrationData registrationData
  ) {
    //If extension is wrong, the method throws WronExtensionException()
    methodToValidateFileExtension(uploadFile);
  }

If the extension is not supported, I should get WronExtensionException without file size checking. But i receive the error:

UT000020: Connection terminated as request was larger than 10485760

Stactrace:

ERROR io.undertow.request - UT005023: Exception handling request to /mycompany/auth/api/v1/register
[m java.lang.IllegalStateException: io.undertow.server.RequestTooBigException: UT000020: Connection terminated as request was larger than 10485760
at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:794) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.servlet.spec.HttpServletRequestImpl.getParameter(HttpServletRequestImpl.java:665) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
at javax.servlet.ServletRequestWrapper.getParameter(ServletRequestWrapper.java:194) ~[javax.servlet-api-3.1.0.jar!/:3.1.0]
at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:75) ~[spring-web-4.3.17.RELEASE.jar!/:4.3.17.RELEASE]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) ~[spring-web-4.3.17.RELEASE.jar!/:4.3.17.RELEASE]
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
at org.zalando.logbook.servlet.SecurityStrategy.doFilter(SecurityStrategy.java:32) ~[logbook-servlet-1.8.1.jar!/:?]
at org.zalando.logbook.servlet.LogbookFilter.doFilter(LogbookFilter.java:39) ~[logbook-servlet-1.8.1.jar!/:?]
at org.zalando.logbook.servlet.HttpFilter.doFilter(HttpFilter.java:31) ~[logbook-servlet-1.8.1.jar!/:?]
....
Caused by: io.undertow.server.RequestTooBigException: UT000020: Connection terminated as request was larger than 10485760
at io.undertow.conduits.FixedLengthStreamSourceConduit.checkMaxSize(FixedLengthStreamSourceConduit.java:168) ~[undertow-core-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.conduits.FixedLengthStreamSourceConduit.read(FixedLengthStreamSourceConduit.java:229) ~[undertow-core-1.4.25.Final.jar!/:1.4.25.Final]
at org.xnio.conduits.ConduitStreamSourceChannel.read(ConduitStreamSourceChannel.java:127) ~[xnio-api-3.3.8.Final.jar!/:3.3.8.Final]
at io.undertow.channels.DetachableStreamSourceChannel.read(DetachableStreamSourceChannel.java:209) ~[undertow-core-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.server.HttpServerExchange$ReadDispatchChannel.read(HttpServerExchange.java:2332) ~[undertow-core-1.4.25.Final.jar!/:1.4.25.Final]
at org.xnio.channels.Channels.readBlocking(Channels.java:294) ~[xnio-api-3.3.8.Final.jar!/:3.3.8.Final]
at io.undertow.servlet.spec.ServletInputStreamImpl.readIntoBuffer(ServletInputStreamImpl.java:192) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.servlet.spec.ServletInputStreamImpl.read(ServletInputStreamImpl.java:168) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.server.handlers.form.MultiPartParserDefinition$MultiPartUploadHandler.parseBlocking(MultiPartParserDefinition.java:213) ~[undertow-core-1.4.25.Final.jar!/:1.4.25.Final]
at io.undertow.servlet.spec.HttpServletRequestImpl.parseFormData(HttpServletRequestImpl.java:792) ~[undertow-servlet-1.4.25.Final.jar!/:1.4.25.Final]
... 47 more

One more detail - I don't know where file size property is defined.

So, my questions are:

  1. Is a file already loaded at the moment when methodToValidateFileExtension() is starting?
  2. Can I get the extension of a file before loading the file?
Eugene_Z
  • 235
  • 2
  • 12
  • Is it a spring boot application with an embedded tomcat ? – Arnaud Nov 28 '18 at 13:00
  • Yes, where is SpringBoot with embedded Tomcat – Eugene_Z Nov 28 '18 at 13:03
  • You'll need to edit application.properties or create a Bean to adjust the upload limit. https://stackoverflow.com/questions/33232849/increase-http-post-maxpostsize-in-spring-boot – jpllosa Nov 28 '18 at 13:05
  • But I don't need to increase upload limit. I need just check the extension before file loading – Eugene_Z Nov 28 '18 at 13:10
  • I think you can get the filename from HttpServletRequest.getPart("file"). Filename might be in the PartHeader. See Javadocs. – jpllosa Nov 28 '18 at 13:40
  • Why does it matter to you that the extension is checked first and the size later? As you can see - the size check is done first by the container. Why is it not desired for you? – Adam Michalik Nov 28 '18 at 14:48
  • Unfortunately, this is a customer requirement – Eugene_Z Nov 29 '18 at 10:46

0 Answers0