Mercurial > prosody-modules
changeset 2683:d0948bd96a7b
mod_http_upload: Add support for limiting file types to upload
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Thu, 13 Apr 2017 20:29:41 +0200 |
| parents | 3fd50495c89d |
| children | e491a15d7621 |
| files | mod_http_upload/README.markdown mod_http_upload/mod_http_upload.lua |
| diffstat | 2 files changed, 16 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_http_upload/README.markdown Thu Apr 13 20:26:24 2017 +0200 +++ b/mod_http_upload/README.markdown Thu Apr 13 20:29:41 2017 +0200 @@ -55,6 +55,14 @@ http_upload_quota = 1234 -- bytes ``` +### File types + +Accepted file types can be limited by MIME type: + +``` lua +http_upload_allowed_file_types = { "image/*", "text/plain" } +``` + Path ----
--- a/mod_http_upload/mod_http_upload.lua Thu Apr 13 20:26:24 2017 +0200 +++ b/mod_http_upload/mod_http_upload.lua Thu Apr 13 20:29:41 2017 +0200 @@ -31,6 +31,7 @@ local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 1024 * 1024); -- 1 MB local quota = module:get_option_number(module.name .. "_quota"); local max_age = module:get_option_number(module.name .. "_expire_after"); +local allowed_file_types = module:get_option_set(module.name .. "_allowed_file_types"); --- sanity local parser_body_limit = module:context("*"):get_option_number("http_max_content_size", 10*1024*1024); @@ -140,6 +141,13 @@ end end + if allowed_file_types then + if not (allowed_file_types:contains(mimetype) or allowed_file_types:contains(mimetype:gsub("/.*", "/*"))) then + origin.send(st.error_reply(stanza, "cancel", "not-allowed", "File type not allowed")); + return true; + end + end + local reply = st.reply(stanza); reply:tag("slot", { xmlns = xmlns });