MimeParser.properties

The properties written in MimeParser.properties are:


max_request The maximum Content-Length (in bytes) of the HTTP request. Before processing the HTTP request, all the parseXX( ) methods check the Content-Length of each HTTP request and compare it with this property. If the Content-Length of the HTTP request is larger than this property, these methods will throw TooLargeBodyException soon, without reading any bytes of the request body. This feature is very important to protect your JSP/Servlet against some kinds of denial-of-service attacks.
The Content-Length consists of:
  • The size of the uploaded file
  • The size of the submitted text
  • The size of the boundary text, which is generated by the web browser
So, the maximum size of the Content-Length must be larger than the maximum size of the uploaded file. For example, if you'd like to set the maximum file size to 100 KB, the maximum Content-Length should be set to 150 KB or 200 KB. If the CGI FORM has many text input fields, it should be 200 KB larger (or more) than the maximum file size.
This property must be specified in bytes. For example, if you'd like to set the maximum Content-Length to 100 KB, this property will be 102400.
max_file The default maximum size (in bytes) of the file to be uploaded. If this value is set to 0 (zero), the size of the uploaded file will not be checked.
When you call any of:
  • parseAndSave(HttpServletRequest req, String ch)
  • parseAndSave(HttpServletRequest req, String ch, String dir)
  • parseAndSave(HttpServletRequest req, String ch, Set mime)
  • parseAndSave(HttpServletRequest req, String ch, String dir, Set mime)
  • parseOnly(HttpServletRequest req)
  • parseOnly(HttpServletRequest req, String ch)
  • parseOnly(HttpServletRequest req, Set mime)
  • parseOnly(HttpServletRequest req, String ch, Set mime)
this default maximum size is used to restrict the file size.

But, the default maximum file size can be overridden by max parameter of:
  • parseAndSave(HttpServletRequest req, String dir, int max)
  • parseAndSave(HttpServletRequest req, String dir, int max, Set mime)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max, Set mime)
  • parseOnly(HttpServletRequest req, int max)
  • parseOnly(HttpServletRequest req, int max, Set mime)
  • parseOnly(HttpServletRequest req, String ch, int max)
  • parseOnly(HttpServletRequest req, String ch, int max, Set mime)
By these methods, you can set the different upper limits for each requests.

You need to protect your JSP/Servlet against some kinds of denial-of-service attacks, because someone in the world may try to upload the file of 1 GB repeatedly. For this case, MimeParser checks the Content-Length of each HTTP request, before reading any bytes of the HTTP request body. By max_request property (see above), you can specify the maximum Content-Length. If the Content-Length of the HTTP request is larger than max_request property, MimeParser will throw TooLargeBodyException soon. Only if the Content-Length of the HTTP request is smaller than max_request property, MimeParser will check the size of the uploaded file.

This property must be specified in bytes. For example, if you'd like to set the maximum file size to 100 KB, this property will be 102400.
file_root The root directory under which the uploaded file will be saved. In case of UNIX, the value of this property will look like:
  • file_root=/export/home/foo/mime
As for Windows OS, if you'd like to save the uploaded files into:
  • C:\mywebapps\mime\upfiles
this property will be something like:
  • file_root=C:\\mywebapps\\mime\\upfiles
In case of Windows OS, all the \ (back-slash) must be escaped by the preceding \ (back-slash).

The sub-directory can be specified by the third parameter of:
  • parseAndSave(HttpServletRequest req, String ch, String dir)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max)
  • parseAndSave(HttpServletRequest req, String ch, String dir, Set mime)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max, Set mime)
or the second parameter of
  • parseAndSave(HttpServletRequest req, String dir)
  • parseAndSave(HttpServletRequest req, String dir, int max)
  • parseAndSave(HttpServletRequest req, String dir, Set mime)
  • parseAndSave(HttpServletRequest req, String dir, int max, Set mime)
So, you can specify the different directory per request.
If you use any of parseOnly(...) methods, the value of this property does not take effect at all, because these 8 methods do not save the uploaded files by themselves. Instead, you can get the binary contents of the uploaded file and save them anywhere you like, i.e. you have the full control over where to save the uploaded files.
checkBinary As for the specific mime-types, MimeParser can check if the binary contents of the uploaded file match with the expected pattern or not. To enable this feature, please set this property to true. You also need to edit: which lists the mapping between the mime-type and BinaryChecker implementation. As for this property file, please read the subsequent section.
max_width/max_height The maximum width/height (in pixels) of the image file (JPEG, PNG or GIF) to be uploaded. To check the width/height of the image files, you also need to copy: into:
  • WEB-INF/classes
With this property file is installed, the following methods will check the width/height of the image file to be uploaded and will throw LargeImageException if its width/height exceeds the specified maximum width/height:
  • parseAndSave(HttpServletRequest req, String ch, Set mime)
  • parseAndSave(HttpServletRequest req, String ch, String dir, Set mime)
  • parseAndSave(HttpServletRequest req, String dir, int max, Set mime)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max, Set mime)
  • parseOnly(HttpServletRequest req, Set mime)
  • parseOnly(HttpServletRequest req, String ch, Set mime)
  • parseOnly(HttpServletRequest req, int max, Set mime)
  • parseOnly(HttpServletRequest req, String ch, int max, Set mime)
To enable this feature, your JSP/Servlet container (such as Apache Tomcat, Jetty or WebLogic) must be run on JDK 1.4 or later.
charset The default charset for decoding the text parameters. The text parameter includes:
  • INPUT with the type of TEXT
  • INPUT with the type of HIDDEN
  • INPUT with the type of PASSWORD
  • INPUT with the type of CHECKBOX
  • INPUT with the type of RADIO
  • INPUT with the type of SUBMIT
  • SELECT
  • TEXTAREA
This value can be overridden by the second parameter of:
  • parseAndSave(HttpServletRequest req, String ch, String dir)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max)
  • parseAndSave(HttpServletRequest req, String ch, String dir, Set mime)
  • parseAndSave(HttpServletRequest req, String ch, String dir, int max, Set mime)
  • parseOnly(HttpServletRequest req, String ch)
  • parseOnly(HttpServletRequest req, String ch, int max)
  • parseOnly(HttpServletRequest req, String ch, Set mime)
  • parseOnly(HttpServletRequest req, String ch, int max, Set mime)
In case that TEXT INPUT, SELECTION or HIDDEN INPUT whose name is charset is found in the request, its value will be used regardless of above. For example, the FORM below includes the HIDDEN INPUT whose name is charset. On the destination JSP, MimeParser picks up the value of this HIDDEN INPUT and decodes the rest of the text parameters by Shift_JIS.
Form with charset
user Your serial ID, which is shown at the time of download. Required only in case you use the trial version.

Please place this property file under: