Yann Forget wrote:
Le Thursday 22 July 2004 14:37, Timwi a écrit :
Tim Starling wrote:
I've raised the limit site-wide to 5 MB.
Why do we need a technically enforced upload limit at all? Why can't we
leave the decision on whether to keep a large file or not to the
respective wiki community?
It is necessary for security raisons, at least, otherwise you will see people
trying a DoS in uploading complete cdroms.
Firstly, uploading such files would be cumbersome and take ages, and
deleting them again is easy as pie (and easy on the servers, too).
Secondly, nothing is stopping people from already doing that. Regardless
of whether PHP accepts the upload or not due to the limit, people can
already send gigabytes worth of data to the server. I doubt the server
cuts off the connection at 2 MB already, because (a) the way I
understand it the request is received in its entirety before it is
passed to PHP at all, and (b) such behaviour would make the server
non-HTTP-compliant.
Timwi