beenull/sftpgo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WebClient: remove the default upload size limit

Browse source 
Users who want a limit can still set it.
By default, we want to allow uploads of any size

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino 2023-03-02 18:26:21 +01:00
parent ae90ed2ba0
commit bdcee06665
No known key found for this signature in database
GPG key ID: 935D2952DEC4EECF
4 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/full-configuration.md
View file

@ -362,7 +362,7 @@ The configuration file contains the following sections:
- `ca_revocation_lists`, list of strings. Set a revocation lists, one for each root CA, to be used to check if a client certificate has been revoked. The revocation lists can be reloaded on demand sending a `SIGHUP` signal on Unix based systems and a `paramchange` request to the running service on Windows.
- `signing_passphrase`, string. Passphrase to use to derive the signing key for JWT and CSRF tokens. If empty a random signing key will be generated each time SFTPGo starts. If you set a signing passphrase you should consider rotating it periodically for added security.
- `token_validation`, integer. Define how to validate JWT tokens, cookies and CSRF tokens. By default all the available security checks are enabled. Set to 1 to disable the requirement that a token must be used by the same IP for which it was issued. Default: `0`.
- `max_upload_file_size`, integer. Defines the maximum request body size, in bytes, for Web Client/API HTTP upload requests. 0 means no limit. Default: 1048576000.
- `max_upload_file_size`, integer. Defines the maximum request body size, in bytes, for Web Client/API HTTP upload requests. `0` means no limit. Default: `0`.
- `cors` struct containing CORS configuration. SFTPGo uses [Go CORS handler](https://github.com/rs/cors), please refer to upstream documentation for fields meaning and their default values.
- `enabled`, boolean, set to `true` to enable CORS.
- `allowed_origins`, list of strings.

2
internal/config/config.go
View file

@ -386,7 +386,7 @@ func Init() {
CARevocationLists: nil,
SigningPassphrase: "",
TokenValidation: 0,
MaxUploadFileSize: 1048576000,
MaxUploadFileSize: 0,
Cors: httpd.CorsConfig{
Enabled: false,
AllowedOrigins: []string{},

1
internal/httpd/httpd_test.go
View file

@ -313,6 +313,7 @@ func TestMain(m *testing.M) {
os.Setenv("SFTPGO_DEFAULT_ADMIN_PASSWORD", "password")
os.Setenv("SFTPGO_HTTPD__BINDINGS__0__WEB_CLIENT_INTEGRATIONS__0__URL", "http://127.0.0.1/test.html")
os.Setenv("SFTPGO_HTTPD__BINDINGS__0__WEB_CLIENT_INTEGRATIONS__0__FILE_EXTENSIONS", ".pdf,.txt")
os.Setenv("SFTPGO_HTTPD__MAX_UPLOAD_FILE_SIZE", "1048576000")
err := config.LoadConfig(configDir, "")
if err != nil {
logger.WarnToConsole("error loading configuration: %v", err)

2
sftpgo.json
View file

@ -336,7 +336,7 @@
"ca_revocation_lists": [],
"signing_passphrase": "",
"token_validation": 0,
"max_upload_file_size": 1048576000,
"max_upload_file_size": 0,
"cors": {
"enabled": false,
"allowed_origins": [],