上传的文件大小 [英] Size of uploaded file

问题描述

做的网页浏览器在HTTP头中发送的文件大小将文件上载到服务器时？如果是这样的话，那么，有没有可能通过阅读标题拒绝文件，而不是等待整个上传过程完成？

Do web browsers send the file size in the http header when uploading a file to the server? And if that is the case, then, is it possible to refuse the file just by reading the header and not wait for the whole upload process to finish?

推荐答案

http://www.faqs.org/rfcs /rfc1867.html

的 HTTP客户端
   鼓励提供内容长度为整个文件的输入，这样一
   如果所提出的文件数据太大要忙服务器可以检测
   合理处理的

但不是必需的内容长度，所以你不能依赖它。此外，攻击者可以伪造一个错误的内容长度。

But the content-length is not required, so you cannot rely on it. Also, an attacker can forge a wrong content-length.

要读取文件内容是唯一可靠的方法。说了这么多，如果内容-lenght为present是太大，关闭连接会做合理的事情。

To read the file content is the only reliable way. Having said that, if the content-lenght is present and is too big, to close the connection would be a reasonable thing to do.

另外，内容是让大多数现代框架德code它的先发为多部分。这意味着您将无法获得该文件的字节流，直到框架完成，这可能意味着直到整个文件上传。

Also, the content is sent as multipart, so most of the modern frameworks decode it first. That means you won't get the file byte stream until the framework is done, which could mean "until the whole file is uploaded".

这篇关于上传的文件大小的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！