Created
May 2, 2022 10:43
-
-
Save xet7/dd88fa2d23f752d52fc9eeb6a1806722 to your computer and use it in GitHub Desktop.
Limit WeKan file size and type
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/models/attachments.js b/models/attachments.js | |
| index bbbf8e59..4b7faa7c 100644 | |
| --- a/models/attachments.js | |
| +++ b/models/attachments.js | |
| @@ -33,6 +33,19 @@ Attachments = new FilesCollection({ | |
| const ret = fileStoreStrategyFactory.storagePath; | |
| return ret; | |
| }, | |
| + onBeforeUpload(file) { | |
| + // Allow upload files under 10MB, and only in png/jpg/jpeg formats | |
| + // Note: You should never trust to extension and mime-type here | |
| + // as this data comes from client and can be easily substitute | |
| + // to check file's "magic-numbers" use `mmmagic` or `file-type` package | |
| + // real extension and mime-type can be checked on client (untrusted side) | |
| + // and on server at `onAfterUpload` hook (trusted side) | |
| + if (file.size <= 10485760 && /png|jpe?g/i.test(file.ext)) { | |
| + return true; | |
| + } | |
| + alert('Please upload image, with size equal or less than 10MB'); | |
| + return 'Please upload image, with size equal or less than 10MB'; | |
| + }, | |
| onAfterUpload(fileObj) { | |
| // current storage is the filesystem, update object and database | |
| Object.keys(fileObj.versions).forEach(versionName => { |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment