Mercurial > prosody-modules
comparison mod_http_upload/mod_http_upload.lua @ 1851:03c5639882a7
mod_http_upload: Add support for a file size limit
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 14 Sep 2015 12:49:54 +0200 |
| parents | e3a0ebe671cc |
| children | 8ef500508c59 |
comparison
equal
deleted
inserted
replaced
| 1850:e3a0ebe671cc | 1851:03c5639882a7 |
|---|---|
| 13 local uuid = require"util.uuid".generate; | 13 local uuid = require"util.uuid".generate; |
| 14 | 14 |
| 15 local function join_path(a, b) | 15 local function join_path(a, b) |
| 16 return a .. package.config:sub(1,1) .. b; | 16 return a .. package.config:sub(1,1) .. b; |
| 17 end | 17 end |
| 18 | |
| 19 -- config | |
| 20 local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 10 * 1024 * 1024); -- 10 MB | |
| 18 | 21 |
| 19 -- depends | 22 -- depends |
| 20 module:depends("http"); | 23 module:depends("http"); |
| 21 module:depends("disco"); | 24 module:depends("disco"); |
| 22 | 25 |
| 44 local filename = request:get_child_text("filename"); | 47 local filename = request:get_child_text("filename"); |
| 45 if not filename or filename:find("/") then | 48 if not filename or filename:find("/") then |
| 46 origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid filename")); | 49 origin.send(st.error_reply(stanza, "modify", "bad-request", "Invalid filename")); |
| 47 return true; | 50 return true; |
| 48 end | 51 end |
| 52 local filesize = tonumber(request:get_child_text("size")); | |
| 53 if not filesize then | |
| 54 origin.send(st.error_reply(stanza, "modify", "bad-request", "Missing or invalid file size")); | |
| 55 return true; | |
| 56 elseif filesize > file_size_limit then | |
| 57 origin.send(st.error_reply(stanza, "modify", "not-acceptable", "File too large", | |
| 58 st.stanza("file-too-large", {xmlns=xmlns_http_upload}) | |
| 59 :tag("max-size"):text(tostring(file_size_limit)))); | |
| 60 return true; | |
| 61 end | |
| 49 local reply = st.reply(stanza); | 62 local reply = st.reply(stanza); |
| 50 reply:tag("slot", { xmlns = xmlns_http_upload }); | 63 reply:tag("slot", { xmlns = xmlns_http_upload }); |
| 51 local random = uuid(); | 64 local random = uuid(); |
| 52 pending_slots[random.."/"..filename] = origin.full_jid; | 65 pending_slots[random.."/"..filename] = origin.full_jid; |
| 53 local url = module:http_url() .. "/" .. random .. "/" .. filename; | 66 local url = module:http_url() .. "/" .. random .. "/" .. filename; |
| 62 if not pending_slots[path] then | 75 if not pending_slots[path] then |
| 63 return 401; | 76 return 401; |
| 64 end | 77 end |
| 65 local random, filename = path:match("^([^/]+)/([^/]+)$"); | 78 local random, filename = path:match("^([^/]+)/([^/]+)$"); |
| 66 if not random then | 79 if not random then |
| 80 return 400; | |
| 81 end | |
| 82 if #event.request.body > file_size_limit then | |
| 83 module:log("error", "Uploaded file too large %d bytes", #event.request.body); | |
| 67 return 400; | 84 return 400; |
| 68 end | 85 end |
| 69 local dirname = join_path(storage_path, random); | 86 local dirname = join_path(storage_path, random); |
| 70 if not lfs.mkdir(dirname) then | 87 if not lfs.mkdir(dirname) then |
| 71 module:log("error", "Could not create directory %s for upload", dirname); | 88 module:log("error", "Could not create directory %s for upload", dirname); |