view demo/upload.ur @ 2116:ebfaab689570

The 2nd half of proper CSRF protection related to environment variables
author Adam Chlipala <adam@chlipala.net>
date Thu, 12 Feb 2015 15:09:26 -0500
parents 9f2555f06901
children
line wrap: on
line source
fun echo r =
  if blobSize (fileData r.File) > 100000 then
      return <xml>Whoa!  That one's too big.</xml>
  else
      returnBlob (fileData r.File) (blessMime (fileMimeType r.File))

fun main () = return <xml><body>
  <h1>The Amazing File Echoer!</h1>

  <form>Upload a file: <upload{#File}/> <submit action={echo}/></form>
</body></xml>