Yay file uploads. As if letting the users to type in stuff into the web application giving me SQL injection nightmares weren’t enough, now I have to let users upload files.
So during my investigations into the limits of file uploading, I found that I couldn’t upload a file more than 30MB on my test server. It failed faster than Superman could jump a building in a single bound, and with just as much sound.
In short, here are my findings. The default file size limit set in IIS (6 and below? Read on for more details) is 4MB. In IIS7 (on Windows Server 2008), the file size limit is 30MB (technically it’s 28.61MB because it’s 30000000 bytes but who’s keeping track. Hey you read on!).
So how do you change the limits? In the web.config file. We’re doing ASP.NET applications.
<httpRuntime executionTimeout="3600" maxRequestLength="20480" />
That will give you a timeout period of 1 hour (3600 seconds) and a file size limit of 20MB (20480 KB. Yes, that attribute is in kilobytes).
For IIS7, we do this:
<security> <requestFiltering> <requestLimits maxAllowedContentLength="134217728" /> </requestFiltering> </security>
That gives you a 128MB limit (128 * 1024 * 1024). Yes it’s in number of bytes.
So why was I doing file uploads? Documents from university staff or students. The most important of which is the final doctoral thesis.
I asked how large can that thesis be, assuming it’s in PDF form. I got an answer where a 40MB limit seems too small. Really?
I had trouble auto-generating an Excel file of 40MB just to test the server limits. Do you know how large 40MB is?
If it’s a video or sound file, then yes I can believe it. I have video files of over 100MB, some over 200MB. But a PDF? With mostly text?
Go check out the Open XML specs from ECMA. The largest document is about 28MB. It’s over 5000 pages. I doubt any thesis can match that number of pages.