Browse Source

Added restricted content types parameter for uploads

pull/111/head
Teknikode 5 years ago
parent
commit
e6589638bd
  1. 9
      Teknik/Areas/API/Controllers/APIv1Controller.cs
  2. 13
      Teknik/Areas/Upload/Controllers/UploadController.cs
  3. 7
      Utilities/Configuration/UploadConfig.cs

9
Teknik/Areas/API/Controllers/APIv1Controller.cs

@ -87,6 +87,15 @@ namespace Teknik.Areas.API.Controllers @@ -87,6 +87,15 @@ namespace Teknik.Areas.API.Controllers
}
}
// Check content type restrictions (Only for encrypting server side
if (model.encrypt || !string.IsNullOrEmpty(model.key))
{
if (Config.UploadConfig.RestrictedContentTypes.Contains(model.contentType))
{
return Json(new { error = new { message = "File Type Not Allowed" } });
}
}
// Initialize the key size and block size if empty
if (model.keySize <= 0)
model.keySize = Config.UploadConfig.KeySize;

13
Teknik/Areas/Upload/Controllers/UploadController.cs

@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
using nClam;
using nClam;
using Piwik.Tracker;
using System;
using System.Collections.Generic;
@ -84,6 +84,15 @@ namespace Teknik.Areas.Upload.Controllers @@ -84,6 +84,15 @@ namespace Teknik.Areas.Upload.Controllers
}
}
// Check content type restrictions (Only for encrypting server side
if (encrypt)
{
if (Config.UploadConfig.RestrictedContentTypes.Contains(fileType))
{
return Json(new { error = new { message = "File Type Not Allowed" } });
}
}
using (TeknikEntities db = new TeknikEntities())
{
Models.Upload upload = Uploader.SaveFile(db, Config, data.InputStream, fileType, contentLength, encrypt, fileExt, iv, null, keySize, blockSize);
@ -413,4 +422,4 @@ namespace Teknik.Areas.Upload.Controllers @@ -413,4 +422,4 @@ namespace Teknik.Areas.Upload.Controllers
}
}
}
}
}

7
Utilities/Configuration/UploadConfig.cs

@ -1,4 +1,4 @@ @@ -1,4 +1,4 @@
using System;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
@ -31,6 +31,8 @@ namespace Teknik.Configuration @@ -31,6 +31,8 @@ namespace Teknik.Configuration
public bool VirusScanEnable { get; set; }
public string ClamServer { get; set; }
public int ClamPort { get; set; }
// Content Type Restrictions
public List<string> RestrictedContentTypes { get; set; }
public UploadConfig()
{
@ -55,6 +57,7 @@ namespace Teknik.Configuration @@ -55,6 +57,7 @@ namespace Teknik.Configuration
VirusScanEnable = false;
ClamServer = "localhost";
ClamPort = 3310;
RestrictedContentTypes = new List<string>();
}
}
}
}

Loading…
Cancel
Save