I'm currently implementing functionality for uploading files using jersey rest. I would like to set a maximum allowed file size which to me seems like a pretty common requirement.
My first approach was to use Jerseys FormDataContentDisposition which should hold all the information I could possibly need about the file. But all information except the file name seems to be missing, including file size.
This is my rest method:
public String handleDocumentUpload(
@FormDataParam("file") InputStream uploadedInputStream,
@FormDataParam("file") FormDataContentDisposition fileDetail)
if(fileDetail.getSize() > MAX_FILE_SIZE)
throw new IllegalArgumentException(
"File is to big! Max size is " + MAX_FILE_SIZE);
// ...more file handling logic
<form enctype="multipart/form-data" method="POST" action="uploadFile">
<input type="file" name="file" size="50">
<input type="submit" value="Upload">
If the client does not send the file size, fall back to reading the file from stream. Once you hit the size limit, stop reading and refuse the file. You should do this anyway, since you can't trust the client (anyone can create an app that sends http requests to your service and those requests may not have correct data you expect - so have to take that into account).