Welcome Guest | Login

Trying to check a files size before it crashes my server




I am trying to solve a problem I have found since creating this uploader tool from Mongrel Upload Progress

I have now been told by two sources that checking the file size of a file from someone else's computer is against every security measure around.
But the problem is that with the 6 Mongrels and a druby running, if someone uploads a file more than 300megs more often than not it will crash, the servers Mongrels. Which as you know kills the site!

So I need to figure out a way to either check the file for it's size before it starts an upload, or figure out how to circumvent the upload crash and deliver a way to upload whatever file size to a point of course.

2007-08-29 02:59 PM

After looking around: everything I know of says that you can't determine the file-size until the upload is finished (safely).  Trusting the filesize from another computer is not secure and a danger to your app and possibly others.  A custom rails validation can't be done because it's mongrel & drb that are handling the upload...the request never gets turned over to rails code...so you'd have to patch one of those.  In this environment patching mongrel or drb is not an option.

From the Mongrel site: The whole time that Mongrel is receiving the request and updating the progress is spent in Mongrel, so it can happily serve other requests.

Sorry I can't be more help.

2007-08-29 05:48 PM

No that does help a bunch from the understanding side of things.

So the next issue I guess is that in Mongrel does the file have to be put fully into temp before it migrates over to the sever folder? Or can it be double duty in that it reads to temp and then starts to write to server a tiny bit after it starts to upload .

I am also open to other ideas of "the correct" way to do this sort of uploader, cause all of this Rails stuff is still very new to me and it's not covered in any book I have read yet

2007-08-30 09:03 AM

I don't believe there's any way to start moving the file before the upload has finished.  My first reaction is that you would run into serious file corruption problems if you tried that.

Your right, none of my books address it any better.  This is the limit of what we know about rails file uploads.  I would suggest looking in the google group 'rails-deployment' and see if they might be able to help more.

2007-08-31 08:48 AM


Hello Guest! In order to post you must be an active client with us, please log in or sign up.