Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Larger than maxUploadSize error reporting #133

Open
ignl opened this issue Jul 9, 2016 · 2 comments
Open

Larger than maxUploadSize error reporting #133

ignl opened this issue Jul 9, 2016 · 2 comments
Labels

Comments

@ignl
Copy link

ignl commented Jul 9, 2016

Hi, I have a collection with set maxUploadSize option. I wonder if that should be enough and insert callback should return an error or I do need to do some manual check and error reporting for the user on client? Because right now file with length = 0 is inserted into database with no error if I upload larger than allowed file.

@ignl
Copy link
Author

ignl commented Jul 11, 2016

I currently just added a check on client with error reporting if file is too big and same with validating contentType except same check additionally on allow rules for contentType.

@vsivsi
Copy link
Owner

vsivsi commented Jul 11, 2016

Hi, you should certainly do file size checking in the client code, and refrain from inserting the zero-length file if the proposed upload is too large.

The server-side check exists to prevent abuse (i.e. you can never really trust client-side code in the hands of an adversary.) But under normal circumstances, a client-side check should be catching an oversized request before anything ever touches the server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants