URL length and expiry on POST request PR #2
This commit is contained in:
parent
4dcf1f37a3
commit
345236b2d9
SSH Key Fingerprint:
SHA256:diG7RVYHjd3aDYkZWHYcBJbImu+6zfptuUP+3k/wol4
58
main.go
58
main.go
@ -96,12 +96,12 @@ func Zeros(path string, size int64) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func NameGen() string {
|
||||
const chars = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ0123456789"
|
||||
func NameGen(fileNameLength int) string {
|
||||
const chars = "abcdefghjkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ0123456789-_"
|
||||
ll := len(chars)
|
||||
b := make([]byte, conf.FileLen)
|
||||
b := make([]byte, fileNameLength)
|
||||
rand.Read(b) // generates len(b) random bytes
|
||||
for i := int64(0); i < int64(conf.FileLen); i++ {
|
||||
for i := int64(0); i < int64(fileNameLength); i++ {
|
||||
b[i] = chars[int(b[i])%ll]
|
||||
}
|
||||
return string(b)
|
||||
@ -116,7 +116,12 @@ func Exists(path string) bool {
|
||||
|
||||
func UploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
// expiry time
|
||||
ttl := int64(conf.TTLSeconds)
|
||||
var name string
|
||||
var ttl int64
|
||||
var fileNameLength int
|
||||
|
||||
fileNameLength = 0
|
||||
ttl = 0
|
||||
|
||||
file, _, err := r.FormFile("file")
|
||||
if err != nil {
|
||||
@ -132,10 +137,49 @@ func UploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
file.Seek(0, 0)
|
||||
|
||||
|
||||
// Check if expiry time is present and length is too long
|
||||
if r.PostFormValue("expiry") != "" {
|
||||
ttl, err = strconv.ParseInt(r.PostFormValue("expiry"), 10, 64)
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("expiry could not be parsed")
|
||||
} else {
|
||||
// 5 days max
|
||||
if ttl < 1 || ttl > 432000 {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Default to conf if not present
|
||||
if ttl == 0 {
|
||||
ttl = int64(conf.TTLSeconds)
|
||||
}
|
||||
|
||||
// Check if the file length parameter exists and also if it's too long
|
||||
if r.PostFormValue("url_len") != "" {
|
||||
fileNameLength, err = strconv.Atoi(r.PostFormValue("url_len"))
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("url_len could not be parsed")
|
||||
} else {
|
||||
// if the length is < 3 and > 128 return error
|
||||
if fileNameLength < 3 || fileNameLength > 128 {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Default to conf if not present
|
||||
if fileNameLength == 0 {
|
||||
fileNameLength = conf.FileLen
|
||||
}
|
||||
|
||||
|
||||
// generate + check name
|
||||
var name string
|
||||
for {
|
||||
id := NameGen()
|
||||
id := NameGen(fileNameLength)
|
||||
name = id + mtype.Extension()
|
||||
if !Exists(conf.FileFolder + "/" + name) {
|
||||
break
|
||||
|
||||
Loading…
Reference in New Issue
Block a user