|
@@ -136,10 +136,17 @@ def clip():
|
|
|
|
|
|
|
|
if request.method == 'POST':
|
|
if request.method == 'POST':
|
|
|
if 'paste' not in request.params:
|
|
if 'paste' not in request.params:
|
|
|
- return abort(400, "Missing arameter: 'paste'")
|
|
|
|
|
|
|
+ return abort(400, "Missing parameter: 'paste'")
|
|
|
|
|
+
|
|
|
|
|
+ # TODO: what is correct overhead for form content?
|
|
|
|
|
+ OVERHEAD = 1024
|
|
|
|
|
+ if 'paste' not in request.query and request.content_length == -1 or request.content_length > CLIP_SIZE_LIMIT + OVERHEAD:
|
|
|
|
|
+ return abort(418, f"Paste size can not exceed {CLIP_SIZE_LIMIT}")
|
|
|
|
|
+
|
|
|
content = request.params['paste'].encode('utf-8')
|
|
content = request.params['paste'].encode('utf-8')
|
|
|
if len(content) > CLIP_SIZE_LIMIT:
|
|
if len(content) > CLIP_SIZE_LIMIT:
|
|
|
- return abort(413, f"Paste size can not exceed {CLIP_SIZE_LIMIT}")
|
|
|
|
|
|
|
+ return abort(418, f"Paste size can not exceed {CLIP_SIZE_LIMIT}")
|
|
|
|
|
+
|
|
|
_bytes = blake(content, person='clip'.encode('utf-8'))
|
|
_bytes = blake(content, person='clip'.encode('utf-8'))
|
|
|
_b32 = bytes_to_base32(_bytes)
|
|
_b32 = bytes_to_base32(_bytes)
|
|
|
directory = f'app/rest/static/{_b32}'
|
|
directory = f'app/rest/static/{_b32}'
|
|
@@ -147,7 +154,7 @@ def clip():
|
|
|
os.mkdir(directory, mode=0o700, dir_fd=None)
|
|
os.mkdir(directory, mode=0o700, dir_fd=None)
|
|
|
except FileExistsError:
|
|
except FileExistsError:
|
|
|
pass
|
|
pass
|
|
|
- fd = os.open(f'{directory}/{_b32}.file', os.O_WRONLY | os.O_CREAT, 0o600)
|
|
|
|
|
|
|
+ fd = os.open(f'{directory}/{_b32}.file', os.O_WRONLY | os.O_TRUNC | os.O_CREAT, 0o600)
|
|
|
with open(fd, "wb") as f:
|
|
with open(fd, "wb") as f:
|
|
|
f.write(content)
|
|
f.write(content)
|
|
|
|
|
|
Daniel Sheffield