From 76e1f1f6138de9cfea03847af0eff61a10261043 Mon Sep 17 00:00:00 2001
From: hmhealey <harrisonmhealey@gmail.com>
Date: Mon, 14 Dec 2015 16:04:10 -0500
Subject: Added serverside file size check for post attachments

---
 api/file.go | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'api')

diff --git a/api/file.go b/api/file.go
index 8afc70692..4339e610b 100644
--- a/api/file.go
+++ b/api/file.go
@@ -76,6 +76,12 @@ func uploadFile(c *Context, w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if r.ContentLength > model.MAX_FILE_SIZE {
+		c.Err = model.NewAppError("uploadFile", "Unable to upload file. File is too large.", "")
+		c.Err.StatusCode = http.StatusRequestEntityTooLarge
+		return
+	}
+
 	err := r.ParseMultipartForm(model.MAX_FILE_SIZE)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
-- 
cgit v1.2.3-1-g7c22