diff options
| author | Jesús Espino <jespinog@gmail.com> | 2018-07-18 10:07:00 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-07-18 10:07:00 +0200 |
| commit | b367b1ff4064557deacae0f7ecf77fae4624b8c6 (patch) | |
| tree | 5b9218d64d0e659424db97c996bd20fa1e7ee8d9 /api4 | |
| parent | e718d2544f6c719bc6e31f569400f44d54de3a34 (diff) | |
| download | chat-b367b1ff4064557deacae0f7ecf77fae4624b8c6.tar.gz chat-b367b1ff4064557deacae0f7ecf77fae4624b8c6.tar.bz2 chat-b367b1ff4064557deacae0f7ecf77fae4624b8c6.zip | |
Do not close the connection abruptly on too big file uploads (#9083)
Diffstat (limited to 'api4')
| -rw-r--r-- | api4/brand.go | 4 | ||||
| -rw-r--r-- | api4/file.go | 3 | ||||
| -rw-r--r-- | api4/team.go | 4 | ||||
| -rw-r--r-- | api4/user.go | 4 |
4 files changed, 15 insertions, 0 deletions
diff --git a/api4/brand.go b/api4/brand.go index f182e1070..2e3081353 100644 --- a/api4/brand.go +++ b/api4/brand.go @@ -4,6 +4,8 @@ package api4 import ( + "io" + "io/ioutil" "net/http" "github.com/mattermost/mattermost-server/model" @@ -27,6 +29,8 @@ func getBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { } func uploadBrandImage(c *Context, w http.ResponseWriter, r *http.Request) { + defer io.Copy(ioutil.Discard, r.Body) + if r.ContentLength > *c.App.Config().FileSettings.MaxFileSize { c.Err = model.NewAppError("uploadBrandImage", "api.admin.upload_brand_image.too_large.app_error", nil, "", http.StatusRequestEntityTooLarge) return diff --git a/api4/file.go b/api4/file.go index bd8c46405..ab0fbce14 100644 --- a/api4/file.go +++ b/api4/file.go @@ -5,6 +5,7 @@ package api4 import ( "io" + "io/ioutil" "net/http" "net/url" "strconv" @@ -56,6 +57,8 @@ func (api *API) InitFile() { } func uploadFile(c *Context, w http.ResponseWriter, r *http.Request) { + defer io.Copy(ioutil.Discard, r.Body) + if !*c.App.Config().FileSettings.EnableFileAttachments { c.Err = model.NewAppError("uploadFile", "api.file.attachments.disabled.app_error", nil, "", http.StatusNotImplemented) return diff --git a/api4/team.go b/api4/team.go index adb8ae355..6fbc537e9 100644 --- a/api4/team.go +++ b/api4/team.go @@ -7,6 +7,8 @@ import ( "bytes" "encoding/base64" "fmt" + "io" + "io/ioutil" "net/http" "strconv" @@ -796,6 +798,8 @@ func getTeamIcon(c *Context, w http.ResponseWriter, r *http.Request) { } func setTeamIcon(c *Context, w http.ResponseWriter, r *http.Request) { + defer io.Copy(ioutil.Discard, r.Body) + c.RequireTeamId() if c.Err != nil { return diff --git a/api4/user.go b/api4/user.go index ac702644d..b73354cfd 100644 --- a/api4/user.go +++ b/api4/user.go @@ -5,6 +5,8 @@ package api4 import ( "fmt" + "io" + "io/ioutil" "net/http" "strconv" "time" @@ -234,6 +236,8 @@ func getProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { } func setProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { + defer io.Copy(ioutil.Discard, r.Body) + c.RequireUserId() if c.Err != nil { return |