Changed patch: temporarily disable form memory limit checking for fil…

…es and images. This seems a better way, then increasing the limit to 16MB. See zopefoundation/Zope#1180 (comment)
plone · Nov 2, 2023 · e1bcbee · e1bcbee
1 parent 796732d
commit e1bcbee
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 9 deletions.
diff --git a/news/3848.bugfix b/news/3848.bugfix
@@ -1,5 +1,4 @@
-Allow uploads up to 16 MB.
+Temporarily disable form memory limit checking for files and images.
 This fixes a regression due to a low Zope form memory limit of 1MB used since Plone 6.0.7.
-You can use ``dos_protection`` settings in ``etc/zope.conf`` to change the limit.
 See `CMFPlone issue 3848 <https://github.com/plone/Products.CMFPlone/issues/3848>`_ and `Zope PR 1142 <https://github.com/zopefoundation/Zope/pull/1142>`_.
 @maurits
diff --git a/src/plone/restapi/patches.py b/src/plone/restapi/patches.py
@@ -3,18 +3,18 @@
 # and https://github.com/zopefoundation/Zope/pull/1180
 # Should be removed once `plone.restapi.deserializer.json_body` no longer
 # reads the complete request BODY in memory.
-from ZPublisher import HTTPRequest
+from ZPublisher.HTTPRequest import ZopeFieldStorage
 
 import logging
 
 
 logger = logging.getLogger(__name__)
-_attr = "FORM_MEMORY_LIMIT"
-_limit = getattr(HTTPRequest, _attr, None)
-if _limit and _limit == 2**20:
-    setattr(HTTPRequest, _attr, 2**24)
+_attr = "VALUE_LIMIT"
+_limit = getattr(ZopeFieldStorage, _attr, None)
+if _limit:
+    setattr(ZopeFieldStorage, _attr, None)
     logger.info(
-        "PATCH: ZPublisher.HTTPRequest.%s is at a too low default of 1MB. "
-        "Increased it to 16MB to enable larger file uploads.",
+        "PATCH: Disabled ZPublisher.HTTPRequest.ZopeFieldStorage.%s. "
+        "This enables file uploads larger than 1MB.",
         _attr,
     )