From 639d519712ca13a4581f517f64be4ed7c9f096dc Mon Sep 17 00:00:00 2001 From: andreimarcu Date: Thu, 8 Oct 2015 01:38:50 -0400 Subject: [PATCH] Configurable maximum upload file size. Fixes #35 --- README.md | 1 + csp_test.go | 1 + pages.go | 4 +++- server.go | 3 +++ server_test.go | 1 + static/js/upload.js | 9 +++++++-- templates/index.html | 2 +- upload.go | 3 +++ 8 files changed, 20 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 14450c5..fa116fd 100644 --- a/README.md +++ b/README.md @@ -22,6 +22,7 @@ Command-line options - ```-siteurl "http://mylinx.example.org/"``` -- the site url (for generating links) - ```-filespath files/"``` -- Path to store uploads (default is files/) - ```-metapath meta/``` -- Path to store information about uploads (default is meta/) +- ```-maxsize 4294967296``` "maximum upload file size in bytes (default 4GB)" - ```-certfile path/to/your.crt``` -- Path to the ssl certificate (required if you want to use the https server) - ```-keyfile path/to/your.key``` -- Path to the ssl key (required if you want to use the https server) - ```-contentsecuritypolicy "..."``` -- Content-Security-Policy header for pages (default is "default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; referrer none;") diff --git a/csp_test.go b/csp_test.go index 87f5dd9..e15ecc3 100644 --- a/csp_test.go +++ b/csp_test.go @@ -19,6 +19,7 @@ func TestContentSecurityPolicy(t *testing.T) { Config.siteURL = "http://linx.example.org/" Config.filesDir = path.Join(os.TempDir(), generateBarename()) Config.metaDir = Config.filesDir + "_meta" + Config.maxSize = 1024 * 1024 * 1024 Config.noLogs = true Config.siteName = "linx" Config.contentSecurityPolicy = "default-src 'none'; style-src 'self';" diff --git a/pages.go b/pages.go index ac1b7f1..de00351 100644 --- a/pages.go +++ b/pages.go @@ -20,7 +20,9 @@ const ( ) func indexHandler(c web.C, w http.ResponseWriter, r *http.Request) { - err := Templates["index.html"].ExecuteWriter(pongo2.Context{}, w) + err := Templates["index.html"].ExecuteWriter(pongo2.Context{ + "maxsize": Config.maxSize, + }, w) if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError) } diff --git a/server.go b/server.go index 2e74d85..b707909 100644 --- a/server.go +++ b/server.go @@ -29,6 +29,7 @@ var Config struct { contentSecurityPolicy string fileContentSecurityPolicy string xFrameOptions string + maxSize int64 noLogs bool allowHotlink bool fastcgi bool @@ -129,6 +130,8 @@ func main() { "name of the site") flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/", "site base url (including trailing slash)") + flag.Int64Var(&Config.maxSize, "maxsize", 4*1024*1024*1024, + "maximum upload file size in bytes (default 4GB)") flag.StringVar(&Config.certFile, "certfile", "", "path to ssl certificate (for https)") flag.StringVar(&Config.keyFile, "keyfile", "", diff --git a/server_test.go b/server_test.go index b2d41ae..9869206 100644 --- a/server_test.go +++ b/server_test.go @@ -33,6 +33,7 @@ func TestSetup(t *testing.T) { Config.siteURL = "http://linx.example.org/" Config.filesDir = path.Join(os.TempDir(), generateBarename()) Config.metaDir = Config.filesDir + "_meta" + Config.maxSize = 1024 * 1024 * 1024 Config.noLogs = true Config.siteName = "linx" setup() diff --git a/static/js/upload.js b/static/js/upload.js index d78a641..1a79be1 100644 --- a/static/js/upload.js +++ b/static/js/upload.js @@ -85,12 +85,17 @@ Dropzone.options.dropzone = { file.fileLabel.innerHTML = file.name + ": Canceled "; } else { - file.fileLabel.innerHTML = file.name + ": " + resp.error; + if (resp.error) { + file.fileLabel.innerHTML = file.name + ": " + resp.error; + } + else { + file.fileLabel.innerHTML = file.name + ": " + resp; + } } file.fileLabel.className = "error"; }, - maxFilesize: 4096, + maxFilesize: Math.round(parseInt(document.getElementById("dropzone").getAttribute("data-maxsize"), 10) / 1024 / 1024), previewsContainer: "#uploads", parallelUploads: 5, headers: {"Accept": "application/json"}, diff --git a/templates/index.html b/templates/index.html index 2c49272..9262cf3 100644 --- a/templates/index.html +++ b/templates/index.html @@ -6,7 +6,7 @@ {% block content %}
-
+

diff --git a/upload.go b/upload.go index ef3c9a1..ec0fdb3 100644 --- a/upload.go +++ b/upload.go @@ -259,6 +259,9 @@ func processUpload(upReq UploadRequest) (upload Upload, err error) { } else if err != nil { os.Remove(path.Join(Config.filesDir, upload.Filename)) return + } else if bytes > Config.maxSize { + os.Remove(path.Join(Config.filesDir, upload.Filename)) + return upload, errors.New("File too large") } upload.Metadata, err = generateMetadata(upload.Filename, expiry, upReq.deletionKey)