check content type
All checks were successful
Deploy App / docker (ubuntu-latest, 2.44.0, 17, 3.8.5) (push) Successful in 1m2s
Publish Docker Image / docker (ubuntu-latest, 2.44.0, 17, 3.8.5) (push) Successful in 57s

This commit is contained in:
Lee 2024-06-02 12:40:31 +01:00
parent 1e2503ef44
commit f3360b6041
2 changed files with 13 additions and 5 deletions

View File

@ -3,6 +3,7 @@ package cc.fascinated.backend.controller;
import cc.fascinated.backend.model.Paste;
import cc.fascinated.backend.service.PasteService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
@ -20,8 +21,8 @@ public class PasteController {
}
@PostMapping(value = "/upload")
public ResponseEntity<?> uploadPaste(@RequestBody String content) {
String id = pasteService.createPaste(content);
public ResponseEntity<?> uploadPaste(@RequestBody String content, @RequestHeader(HttpHeaders.CONTENT_TYPE) String contentType) {
String id = pasteService.createPaste(content, contentType);
return ResponseEntity.ok(Map.of("id", id));
}

View File

@ -44,7 +44,7 @@ public class PasteService {
* @param content The content of the paste.
* @return The id of the paste.
*/
public String createPaste(String content) {
public String createPaste(String content, String contentType) {
int length = content.length();
long before = System.currentTimeMillis();
log.info("Creating a new paste. (characters: {})", length);
@ -52,12 +52,19 @@ public class PasteService {
// Check if the content is too large.
if (length > uploadSizeLimit && uploadSizeLimit != -1) {
log.info("Paste didn't meet the size requirements. (characters: {})", length);
throw new BadRequestException("The paste content is too large, the limit is " + uploadSizeLimit + " characters");
throw new BadRequestException("The paste content is too large, the limit is " + uploadSizeLimit + " characters, not uploading...");
}
// Ensure the paste content type is valid.
if (contentType.contains("image") || contentType.contains("video") || contentType.contains("audio")) {
log.info("Paste content type is not supported. (content type: {})", contentType);
throw new BadRequestException("The paste content type is not supported, not uploading...");
}
// Ensure the paste content does not contain a file header.
if (FileHeaderChecker.containsFileHeader(content)) {
throw new BadRequestException("The paste content contains a file header");
log.info("Paste content contains a file header, not uploading...");
throw new BadRequestException("The paste content contains a file header, not uploading...");
}
// Save the paste to the database.