There is a Java vulnerability where an attacker can exploit the hash predictability. The exploit is apparently easier when the content is larger. So the workaround is to limit the size of HTTP POST requests. Weblogic’s 10.3 config.xml has a max-post-size which does this. The handling of when the condition is reached is pathetic. It closes the connection.

In the case a legitimate user encounters this max POST size, their web browser will say our web server closed the connection. Which is perfectly true. I would prefer the web server to respond with some kind of error message to let the user know it was because the too much data was sent in the form submission.

My idea for where to get enough text was for the analysts to pick something from Project Gutenberg. Next to any file is an indicator of the size. This makes it easy for them to pick one large or small enough. The plain text version of A Princess of Mars is 390KB.

After the fact, I suspected I should have just sent them to Lorem Ipsum Generator. Unfortunately it maxed out at 71KB without an obvious warning it did not give me my 200KB I requested. Procato Publishing’s Lorem Ipsum Generator maxed out at 54KB. Blindtext’s Lorem Ipsum Generator maxed out at 100KB. Looks like if I had suggested this route, then I would have had to do more research to figure out what generator would work for them. Or suggest they paste multiple times which requires trust an unexpected result was correctly done.

From these results, I think Project Gutenberg will remain my go to resource for extremely large test texts.