File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Struts and the fly likes Security Issues with File Upload Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of REST with Spring (video course) this week in the Spring forum!
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Security Issues with File Upload" Watch "Security Issues with File Upload" New topic

Security Issues with File Upload

Ranch Hand

Joined: Apr 26, 2005
Posts: 54

I'd like to hear of any security issues with file upload, what I can think of include:
1) out of memory issues if the file is too large. If I use the controller element to specify the max file size, if the file is too large is it. uploaded and then aborted when this size is reached or not uploaded at all?
2) uploading files with viruses. I assume struts doesnt have anything to crack open the file and ensure its a rtf?
3) Denial of Service attacks if many files are uploaded at once

Any others would be appreciatred!


I agree. Here's the link:
subject: Security Issues with File Upload
It's not a secret anymore!