如何在不传输整个文件的情况下限制使用JavaScript（或Java）上传文件的大小？ [英] How do you restrict the size of a file being uploaded with JavaScript (or Java) without transferring the entire file?

问题描述

有没有一种方法可以在客户端浏览器上验证从JSP页面上传文件的大小是否超过了设置的大小限制，而不会强制用户上传整个文件只是为了发现它太大？

我想远离任何专有的控制或技术，如Flash或ActiveX如果可能的话。

谢谢！

解决方案

这不是一个完美的解决方案，但是如果使用 request.getHeader（Content-Length）那么你可以选择不传输整个文件。

通过解释，非常大的文件不会一次全部传输。你必须打开一个代表这个POST数据块的数据流，并从中读取整个数据。

另一方面，再次担心拒绝服务攻击，那么你不能真正信任Content-Length头，因为它很容易被伪造。在这种情况下，您应该设置一个限制并传输此文件，一旦超过该限制就会停止。

Is there a way to validate on the client side browser whether the size of a file being uploaded from a JSP page is over a set size limit without forcing the user to upload the entire file only to find out it was too large?

I would like to stay away from any proprietary controls or techniques like Flash or ActiveX if possible.

Thanks!

解决方案

This isn't a perfect solution, but if you check the Content-Length HTTP header with request.getHeader("Content-Length") then you can choose to not transfer the entire file.

By way of explanation, an extremely large file will not be transferred all at once. You'd have to actually open a stream representing that chunk of POST data and read from it for the entire thing to be transfered.

On the other hand, if you're worried about denial-of-service attacks, then you can't really trust the Content-Length header, because it can easily be forged. In this case, you should set a limit and stream a transfer of this file, stopping as soon as you've exceeded that limit.

这篇关于如何在不传输整个文件的情况下限制使用JavaScript（或Java）上传文件的大小？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！