diff --git a/r2/r2/controllers/api.py b/r2/r2/controllers/api.py
index b3d461ed9..87748f878 100755
--- a/r2/r2/controllers/api.py
+++ b/r2/r2/controllers/api.py
@@ -1728,7 +1728,7 @@ class ApiController(RedditController, OAuth2ResourceController):
     @require_oauth2_scope("modconfig")
     @validate(VSrModerator(perms='config'),
               VModhash(),
-              file = VLength('file', max_length=1024*500),
+              file = VUploadLength('file', max_length=1024*500),
               name = VCssName("name"),
               img_type = VImageType('img_type'),
               form_id = VLength('formid', max_length = 100), 
diff --git a/r2/r2/controllers/promotecontroller.py b/r2/r2/controllers/promotecontroller.py
index 985c4d584..d853cd505 100644
--- a/r2/r2/controllers/promotecontroller.py
+++ b/r2/r2/controllers/promotecontroller.py
@@ -87,6 +87,7 @@ from r2.lib.validator import (
     VSponsorAdminOrAdminSecret,
     VSubmitSR,
     VTitle,
+    VUploadLength,
     VUrl,
 )
 from r2.models import (
@@ -775,7 +776,7 @@ class PromoteController(ListingController):
 
     @validate(VSponsor("link_id"),
               link=VByName('link_id'),
-              file=VLength('file', 500 * 1024),
+              file=VUploadLength('file', 500*1024),
               img_type=VImageType('img_type'))
     def POST_link_thumb(self, link=None, file=None, img_type='jpg'):
         if link and (not promote.is_promoted(link) or
diff --git a/r2/r2/lib/validator/validator.py b/r2/r2/lib/validator/validator.py
index 27644fe1f..a9c6ba6ff 100644
--- a/r2/r2/lib/validator/validator.py
+++ b/r2/r2/lib/validator/validator.py
@@ -20,6 +20,7 @@
 # Inc. All Rights Reserved.
 ###############################################################################
 
+import cgi
 import json
 
 from pylons import c, g, request, response
@@ -112,7 +113,11 @@ class Validator(object):
         a = []
         if self.param:
             for p in utils.tup(self.param):
-                if self.post and request.POST.get(p):
+                # cgi.FieldStorage is falsy even if it has a filled value
+                # property. :(
+                post_val = request.POST.get(p)
+                if self.post and (post_val or
+                                  isinstance(post_val, cgi.FieldStorage)):
                     val = request.POST[p]
                 elif self.get and request.GET.get(p):
                     val = request.GET[p]
@@ -553,6 +558,14 @@ class VLength(Validator):
         else:
             return text
 
+class VUploadLength(VLength):
+    def run(self, upload, text2=''):
+        # upload is expected to be a FieldStorage object
+        if isinstance(upload, cgi.FieldStorage):
+            return VLength.run(self, upload.value, text2)
+        else:
+            self.set_error(self.empty_error, code=400)
+
 class VPrintable(VLength):
     def run(self, text, text2 = ''):
         text = VLength.run(self, text, text2)