Vulnerability in EPiServer.Forms
Some time ago we had an issue where the user couldn't upload a large file (20MB) using EPiServer's FileManager. I've tried changing maxRequestLength in Web.config but it still doesn't work.
Has anyone experienced this before and, if so, could you resolve the issue?
We're running EPiServer CMS 5 R2.
If you are using IIS7, take a look at this: http://bloggingabout.net/blogs/ramon/archive/2009/03/13/how-to-enable-large-file-uploads-in-iis7.aspx
Otherwise, could it be an issue with the upload timing out?
We're still running on IIS6 but thanks for the link. I'll bookmark it to save me some time when we actually upgrade to IIS7.
When I try to upload a test file (approximately 20MB) inside EPiServer's FileManager I immediately get an error page saying "Internet Explorer cannot display the webpage".
I think I've changed the appropriate settings in Web.config but do I have to alter Machine.config as well?
Try enabling logging on your site before uploading the file. That will help you get a more informative error message than "Internet Explorer cannot display the webpage".
After following your advice I enabled logging and got the following error message:
2010-10-12 14:25:43,636 ERROR  EPiServer.Global.Global_Error - 1.2.5 Unhandled exception in ASP.NETSystem.Web.HttpException: The client disconnected. ---> System.Web.UI.ViewStateException: Invalid viewstate.
System.FormatException: Invalid length for a Base-64 char array.