Ns getform
Man page: http://aolserver.com/docs/tcl/ns_getform.html <-- broken link
NAME
- ns_getform - Return an ns_set that contains all of the query data that was part of the HTTP request
SYNOPSIS
- ns_getform
DESCRIPTION
- This command returns a handle to an ns_set which contains all of the query data from the current HTTP request. This includes query parameters passed in the URL as well as multipart form data. If there is no data, an empty string is returned and no ns_set is created.
- FIXME: Does it include query parameters passed in the URL as well as form data? If the browser does a GET request, AOLserver looks at the query vars, if a POST, it looks at form data in the body of the request I believe.
- Is an empty string returned if there is no form data? The set is not created on demand when ns_getform is called, it is created as the request is parsed. You will always get some kind of reference to a set back, even if that set is empty.
For AOLserver 4.0.3, ns_conn form and ns_getform are identical. For GET requests, parameters passed in the query string are parsed into an ns_set in order of appearance in the URI. For application/x-www-form-urlencoded (i.e. normal) POST requests, parameters passed on the query string are ignored. Form inputs are parsed into an ns_set in order of appearance in the client request. This is usually, but not always, in order of appearance in the DOM of the HTML document, but it depends on the client (i.e. browser) rather than the server. For multipart/form-data POST requests, treatment is the same. After all form inputs, each file input has two additional elements. These are input_name.content-type, which is the content type as specified by the client, followed by input_name.tmpfile, which is the location of a temporary file containing the transmitted file content. The temporary file name is generated by ns_tmpnam and a script registered by ns_atclose deletes the temporary file when the connection is closed.
Here is one way to prevent the processing of large files:
set content_length [ns_set iget [ns_conn headers] content-length] if {$content_length eq "" || $content_length > 1000000} { # return some error message about file too big }
What happens if the client sends a false Content-Length: header?
Is there a way to limit the size of an incoming POST before the files are saved to the file system?
SEE ALSO
-