Issues
- remote component method hangs trying to parse upload for soap signatureLDEV-4898Resolved issue: LDEV-4898Pothys - MitrahSoft
- blockedExtensions arguments doesn't works in fileUpload/fileUploadAllLDEV-4238Resolved issue: LDEV-4238Pothys - MitrahSoft
- Regression - this.blockedextforfileupload doesn't works for the file uploadLDEV-4237Resolved issue: LDEV-4237Pothys - MitrahSoft
- Add Parameter Alias "mimeType" for "accept" in fileUploadLDEV-4218Resolved issue: LDEV-4218Pothys - MitrahSoft
- Incompatibility - cffile action=upload attemptedserverfile key returns a different result than ACFLDEV-4201Resolved issue: LDEV-4201Pothys - MitrahSoft
- Form scope missing after interrupted file uploadLDEV-3943Michael Offner
- Uploading large file throws timeoutLDEV-3741Resolved issue: LDEV-3741Pothys - MitrahSoft
- «Malformed input or input contains unmappable characters» on FileUpload with german «Umlaute» in filenameLDEV-3471Michael Offner
- GetHTTPRequestData(): uses memory reading request body every time it is calledLDEV-3176
- Add Parameter Alias "onConflict" for "nameConflict" in fileUploadLDEV-3156Resolved issue: LDEV-3156Pothys - MitrahSoft
- add nameconflict="forceunique" for file uploads to use a filename with a uuidLDEV-3122Resolved issue: LDEV-3122Pothys - MitrahSoft
- Temporary .upload files persisted indefinitely when using CFThread.LDEV-3041Michael Offner
- File uploads doesn't support allowedExtensions or strict="false"LDEV-3018Resolved issue: LDEV-3018Pothys - MitrahSoft
- the word blacklist is offensive and should not be usedLDEV-3017Resolved issue: LDEV-3017Pothys - MitrahSoft
- Parallel processing array.each() duplicates tmp-xxx.upload files on every loop, crashing the serverLDEV-2903Resolved issue: LDEV-2903Michael Offner
- cffile makeunique filename isn't synchronisedLDEV-2878Michael Offner
- randomize filenames for file uploadsLDEV-2877Resolved issue: LDEV-2877Pothys - MitrahSoft
- Uploaded files no longer inherit the destination directory's permissionsLDEV-2713Resolved issue: LDEV-2713Pothys - MitrahSoft
- ACF Compatibility for wildcard in this.blockedExtForFileUploadLDEV-2454Zac Spitzer
- fileUpload for S3 brokenLDEV-2336Pothys - MitrahSoft
- all form fields treated as file uploads with multipart/form-dataLDEV-2297Resolved issue: LDEV-2297
- Lucee handles files uploads incorrectly when Content-Type is missingLDEV-2180Resolved issue: LDEV-2180Michael Offner
- ACF Compatibility for this.blockedExtForFileUpload in Application.cfcLDEV-2174Resolved issue: LDEV-2174Igal Sapir
- Lucee 4 and 5 consumes too much heap memory with large uploads due to bug in HTTPServletRequestWrap.javaLDEV-2087Resolved issue: LDEV-2087
- Allow uploading all files of an <input type="file" multiple>LDEV-1948
- Support max file upload size limit like Adobe CFLDEV-1239
- Support the <CFFileUpload> tagLDEV-1237Pothys - MitrahSoft
- cffile can't upload more than 1 file at a timeLDEV-1028Resolved issue: LDEV-1028Michael Offner
- CFFILE upload crashes Lucee 5.1.0.xLDEV-940Resolved issue: LDEV-940Michael Offner
- cffile upload not workLDEV-939Resolved issue: LDEV-939Michael Offner
- Large File Uploads Crash ServerLDEV-548Resolved issue: LDEV-548Pothys - MitrahSoft
31 of 31
remote component method hangs trying to parse upload for soap signature
Fixed
Description
Environment
None
Attachments
2
Details
Assignee
Pothys - MitrahSoftPothys - MitrahSoftReporter
Vikas PatelVikas PatelPriority
NewLabels
Fix versions
New Issue warning screen
Before you create a new Issue, please post to the mailing list first https://dev.lucee.org
Once the issue has been verified, one of the Lucee team will ask you to file an issue
Sprint
NoneAffects versions
Details
Details
Assignee
Pothys - MitrahSoft
Pothys - MitrahSoft
Reporter
Vikas Patel
Vikas Patel
Priority
NewLabels
Fix versions
New Issue warning screen
Before you create a new Issue, please post to the mailing list first https://dev.lucee.org
Once the issue has been verified, one of the Lucee team will ask you to file an issue
Sprint
None
Affects versions
Created 14 June 2024 at 11:56
Updated 12 March 2025 at 13:07
Resolved 26 August 2024 at 08:05
Activity
Show:
Pothys - MitrahSoft26 August 2024 at 08:04
@Michael Offner I have checked this ticket with Lucee version 6.1.1.67. When I submit a form on the CFC page, it no longer takes a long time and does not throw an error
Michael Offner23 August 2024 at 14:36
@Pothys - MitrahSoft can you please give this a try
Zac Spitzer25 July 2024 at 09:37Edited
@Michael Offner added POC mime type sniffing for text, but SOAP should be an exact mimetype right? what’s more, this can still be a problem with a wrong mime type? well, xml actually…?
Zac Spitzer23 July 2024 at 16:05
here’s the repo
Zac Spitzer23 July 2024 at 15:58Edited
seems to be hanging trying to parse the upload, in the isSoap check, searching the uploaded input for
return StringUtil.indexOfIgnoreCase(input, ":Envelope>") != -1;
such parsing should only happen for text mime types? i.e. text/xml and application/soap+xml tho i’m not sure about soap uploads TBH
When we submit a form on cfc page, it takes a long time compared to cfm page.
To test here is the file:
Create uploadFile.cfm page with following content
<html> <body> <input type="file" name="file1" id="file1" /> <br /> <button onclick="file1Upload()"> Upload to cfm page </button> <button onclick="file2Upload()"> Upload to cfc page </button> <script> function file1Upload() { let field = document.getElementById("file1").files[0]; let formData = new FormData(); formData.append("file", field); fetch('/uploadAction.cfm', {method: "POST", body: formData}); } function file2Upload() { let field = document.getElementById("file1").files[0]; let formData = new FormData(); formData.append("file", field); fetch('/uploadAction.cfc?method=uploadFile', {method: "POST", body: formData}); } </script> </body> </html>Create uploadAction.cfm page with no content
Create uploadAction.cfc page with following content
<cfcomponent displayname="uploadAction" output="false"> <cffunction name="uploadFile" access="remote"> <cfreturn {"status": "done"} /> </cffunction> </cfcomponent>Now upload 10 MB pdf file, For me it takes 119ms for cfm page, and cfc calls times out.