Change in upload link handling. #4441
Comments
|
I have a strong suspicion that this is caused by haiwen/seafile-server@9f0083f#diff-92229f8110a875425cedcc84d4d8ba65R504 . |
|
Actually, it's probably haiwen/seafile-server#286 instead (edit: the commit above is from this PR but is not the one responsible.) |
Currently the behavior is such that the directory specified in the two requests have to match, which makes the argument for the second request completely useless. If this were to be the desired behavior then the `parent_dir` parameter should just be ignored from the second request completely. Alternatively, this commit allows upload to a subdirectory of the `p` parameter from the first request again. This matches the old behavior better without allowing uploading to an arbitrary directory. If the current behavior is also desired for some use cases, it should be added as new request or with a new parameter on the first request. Fix regression from haiwen#286. Fix haiwen/seahub#4441
|
Hello.
I just tested this situation, it returned a url which is supposed to, not Can you generate a test account for us to test in your Seafile service ? |
We will update the parameter check logic for the first request ( If only use |
Not really since I've patched this up locally......... Using the problem mentioned above....... |
BTW, what I meant by the "upload-link" request is the request to the URL I get back from the first request (upload-link) that is used to actually upload the file. |
|
Fixed in #4528 |
|
AFAICT that doesn't fix the problem I'm reporting. |
|
In version 7.1, the parent_dir parameter has to be set both in getting the link and actually uploading file to the link. This is for security reason. |
1 similar comment
|
In version 7.1, the parent_dir parameter has to be set both in getting the link and actually uploading file to the link. This is for security reason. |
|
Right, and that is exactly what I argued as not making sense. |
This is a change in the upload API that happens somewhere between 6.3 and 7.1. I was able to use
repos/<repo-id>/upload-link/to get an upload URL and then use theparent_dir=<...>to specify the directoy I want to upload the file into.Now in 7.1.1, if I don't give the
p=parameter for thhe upload-link request, I get{"error": "Permission denied."}as return value (with status code 200 btw). If I only usep=in thte first request but not theparent_dir=in the second request, I get{"error": "Invalid URL. "}(with a new line before the closing quote, which might be invalid JSON, also 200 status code). I had to provide he directory in both requests. This is fine to work with but is a bit strange. The error return is also a bit strange and give no useful information.....The text was updated successfully, but these errors were encountered: