Add security fixes: SHA256 hash validation and streaming file size enforcement
- Add field_validator to ResumableUploadInitRequest to validate expected_hash is a valid 64-character lowercase hex SHA256 hash (normalizes to lowercase) - Add FileSizeExceededError exception for file size limit violations - Enforce file size limits in storage layer during streaming (prevents Content-Length header spoofing) - Add FileSizeExceededError handler in upload endpoint returning HTTP 413 - Add node_modules and frontend/dist to .gitignore
This commit is contained in:
Mondo Diaz
4
.gitignore
vendored
4
.gitignore
vendored
@@ -37,6 +37,10 @@ Thumbs.db
|
||||
# Build
|
||||
/build/
|
||||
/dist/
|
||||
frontend/dist/
|
||||
|
||||
# Node
|
||||
node_modules/
|
||||
|
||||
# Local config overrides
|
||||
config.local.yaml
|
||||
|
||||
Reference in New Issue
Block a user