Configurable maximum upload file size. Fixes #35

2015-10-08 01:38:50 -04:00 · 2015-10-08 01:38:50 -04:00 · 639d519712
parent 040ffa89f7
commit 639d519712
8 changed files with 20 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -22,6 +22,7 @@ Command-line options
 - ```-siteurl "http://mylinx.example.org/"``` -- the site url (for generating links)
 - ```-filespath files/"``` -- Path to store uploads (default is files/)
 - ```-metapath meta/``` -- Path to store information about uploads (default is meta/)
+- ```-maxsize 4294967296``` "maximum upload file size in bytes (default 4GB)"
 - ```-certfile path/to/your.crt``` -- Path to the ssl certificate (required if you want to use the https server)
 - ```-keyfile path/to/your.key``` -- Path to the ssl key (required if you want to use the https server)
 - ```-contentsecuritypolicy "..."``` -- Content-Security-Policy header for pages (default is "default-src 'self'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; referrer none;")
--- a/csp_test.go
+++ b/csp_test.go
@ -19,6 +19,7 @@ func TestContentSecurityPolicy(t *testing.T) {
 	Config.siteURL = "http://linx.example.org/"
 	Config.filesDir = path.Join(os.TempDir(), generateBarename())
 	Config.metaDir = Config.filesDir + "_meta"
+	Config.maxSize = 1024 * 1024 * 1024
 	Config.noLogs = true
 	Config.siteName = "linx"
 	Config.contentSecurityPolicy = "default-src 'none'; style-src 'self';"
--- a/pages.go
+++ b/pages.go
@ -20,7 +20,9 @@ const (
 )

 func indexHandler(c web.C, w http.ResponseWriter, r *http.Request) {
-	err := Templates["index.html"].ExecuteWriter(pongo2.Context{}, w)
+	err := Templates["index.html"].ExecuteWriter(pongo2.Context{
+		"maxsize": Config.maxSize,
+	}, w)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 	}
--- a/server.go
+++ b/server.go
@ -29,6 +29,7 @@ var Config struct {
 	contentSecurityPolicy     string
 	fileContentSecurityPolicy string
 	xFrameOptions             string
+	maxSize                   int64
 	noLogs                    bool
 	allowHotlink              bool
 	fastcgi                   bool
@ -129,6 +130,8 @@ func main() {
 		"name of the site")
 	flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/",
 		"site base url (including trailing slash)")
+	flag.Int64Var(&Config.maxSize, "maxsize", 4*1024*1024*1024,
+		"maximum upload file size in bytes (default 4GB)")
 	flag.StringVar(&Config.certFile, "certfile", "",
 		"path to ssl certificate (for https)")
 	flag.StringVar(&Config.keyFile, "keyfile", "",
--- a/server_test.go
+++ b/server_test.go
@ -33,6 +33,7 @@ func TestSetup(t *testing.T) {
 	Config.siteURL = "http://linx.example.org/"
 	Config.filesDir = path.Join(os.TempDir(), generateBarename())
 	Config.metaDir = Config.filesDir + "_meta"
+	Config.maxSize = 1024 * 1024 * 1024
 	Config.noLogs = true
 	Config.siteName = "linx"
 	setup()
--- a/static/js/upload.js
+++ b/static/js/upload.js
@ -85,12 +85,17 @@ Dropzone.options.dropzone = {
 			file.fileLabel.innerHTML = file.name + ": Canceled ";			
 		}
 		else {
-			file.fileLabel.innerHTML = file.name + ": " + resp.error;
+			if (resp.error) {
+				file.fileLabel.innerHTML = file.name + ": " + resp.error;
+			}
+			else {
+				file.fileLabel.innerHTML = file.name + ": " + resp;
+			}
 		}
 		file.fileLabel.className = "error";
 	},

-    maxFilesize: 4096,
+    maxFilesize: Math.round(parseInt(document.getElementById("dropzone").getAttribute("data-maxsize"), 10) / 1024 / 1024),
 	previewsContainer: "#uploads",
 	parallelUploads: 5,
 	headers: {"Accept": "application/json"},
--- a/templates/index.html
+++ b/templates/index.html
@ -6,7 +6,7 @@

 {% block content %} 
 <div id="fileupload">
-    <form action="/upload" class="dropzone" id="dropzone" method="POST" enctype="multipart/form-data">
+    <form action="/upload" class="dropzone" id="dropzone" method="POST" enctype="multipart/form-data" data-maxsize="{{ maxsize }}">
        <div class="fallback">
            <input id="fileinput" name="file" type="file" /><br />
            <input id="submitbtn" type="submit" value="Upload">
--- a/upload.go
+++ b/upload.go
@ -259,6 +259,9 @@ func processUpload(upReq UploadRequest) (upload Upload, err error) {
 	} else if err != nil {
 		os.Remove(path.Join(Config.filesDir, upload.Filename))
 		return
+	} else if bytes > Config.maxSize {
+		os.Remove(path.Join(Config.filesDir, upload.Filename))
+		return upload, errors.New("File too large")
 	}

 	upload.Metadata, err = generateMetadata(upload.Filename, expiry, upReq.deletionKey)