Mirrors/continuwuity
1
0
Fork 0
mirror of https://forgejo.ellis.link/continuwuation/continuwuity.git synced 2026-05-26 20:49:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Proactively read Content-Length to reject oversized uploads

Browse Source
This commit is contained in:
nexy7574
2025-10-09 03:30:37 +01:00
committed by nex
parent 799def70dc
commit cb8f36444c
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/api/router/request.rs
+13
View File
@@ -34,6 +34,19 @@ pub(super) async fn from(
let max_body_size = services.server.config.max_request_size; let max_body_size = services.server.config.max_request_size;
// Check if the Content-Length header is present and valid, saves us streaming
// the response into memory
if let Some(content_length) = parts.headers.get(http::header::CONTENT_LENGTH) {
if let Ok(content_length) = content_length
.to_str()
.map(|s| s.parse::<usize>().unwrap_or_default())
{
if content_length > max_body_size {
return Err(err!(Request(TooLarge("Request body too large"))));
}
}
}
let body = axum::body::to_bytes(body, max_body_size) let body = axum::body::to_bytes(body, max_body_size)
.await .await
.map_err(|e| err!(Request(TooLarge("Request body too large: {e}"))))?; .map_err(|e| err!(Request(TooLarge("Request body too large: {e}"))))?;