1
0
mirror of https://github.com/bitwarden/server.git synced 2025-01-13 20:21:22 +01:00

Fix upload limits for direct uploads (again) (#1479)

* Use constants to represent file size limits

* Allow uploads of up to 500mb for self-hosted

* Set nginx max body size to 505mb

* Add reminder about updating nginx/proxy.conf
This commit is contained in:
Thomas Rittson 2021-08-04 09:00:30 +10:00 committed by GitHub
parent a31c231749
commit b1ed6d2c21
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 21 additions and 13 deletions

View File

@ -17,6 +17,7 @@ using Microsoft.Azure.EventGrid.Models;
using Bit.Core.Models.Data;
using Microsoft.Extensions.Logging;
using Newtonsoft.Json;
using Bit.Core;
namespace Bit.Api.Controllers
{
@ -622,7 +623,7 @@ namespace Bit.Api.Controllers
}
[HttpPost("{id}/attachment/{attachmentId}")]
[DisableRequestSizeLimit]
[RequestSizeLimit(Constants.FileSize501mb)]
[DisableFormValueModelBinding]
public async Task PostFileForExistingAttachment(string id, string attachmentId)
{
@ -652,7 +653,7 @@ namespace Bit.Api.Controllers
}
[HttpPost("{id}/attachment")]
[RequestSizeLimit(105_906_176)]
[RequestSizeLimit(Constants.FileSize101mb)]
[DisableFormValueModelBinding]
public async Task<CipherResponseModel> PostAttachment(string id)
{
@ -676,7 +677,7 @@ namespace Bit.Api.Controllers
}
[HttpPost("{id}/attachment-admin")]
[RequestSizeLimit(105_906_176)]
[RequestSizeLimit(Constants.FileSize101mb)]
[DisableFormValueModelBinding]
public async Task<CipherMiniResponseModel> PostAttachmentAdmin(string id)
{
@ -709,7 +710,7 @@ namespace Bit.Api.Controllers
}
[HttpPost("{id}/attachment/{attachmentId}/share")]
[RequestSizeLimit(105_906_176)]
[RequestSizeLimit(Constants.FileSize101mb)]
[DisableFormValueModelBinding]
public async Task PostAttachmentShare(string id, string attachmentId, Guid organizationId)
{
@ -805,7 +806,7 @@ namespace Bit.Api.Controllers
throw new BadRequestException("Invalid content.");
}
if (Request.ContentLength > 105906176) // 101 MB, give em' 1 extra MB for cushion
if (Request.ContentLength > Constants.FileSize101mb)
{
throw new BadRequestException("Max file size is 100 MB.");
}

View File

@ -19,6 +19,7 @@ using Bit.Core.Models.Table;
using Newtonsoft.Json;
using Bit.Core.Models.Data;
using Microsoft.Extensions.Logging;
using Bit.Core;
namespace Bit.Api.Controllers
{
@ -166,7 +167,7 @@ namespace Bit.Api.Controllers
}
[HttpPost("file")]
[RequestSizeLimit(105_906_176)]
[RequestSizeLimit(Constants.FileSize101mb)]
[DisableFormValueModelBinding]
public async Task<SendResponseModel> PostFile()
{
@ -175,7 +176,7 @@ namespace Bit.Api.Controllers
throw new BadRequestException("Invalid content.");
}
if (Request.ContentLength > 105906176) // 101 MB, give em' 1 extra MB for cushion
if (Request.ContentLength > Constants.FileSize101mb)
{
throw new BadRequestException("Max file size is 100 MB.");
}
@ -249,7 +250,7 @@ namespace Bit.Api.Controllers
}
[HttpPost("{id}/file/{fileId}")]
[DisableRequestSizeLimit]
[RequestSizeLimit(Constants.FileSize501mb)]
[DisableFormValueModelBinding]
public async Task PostFileForExistingSend(string id, string fileId)
{
@ -258,7 +259,7 @@ namespace Bit.Api.Controllers
throw new BadRequestException("Invalid content.");
}
if (Request.ContentLength > 105906176 && !_globalSettings.SelfHosted) // 101 MB, give em' 1 extra MB for cushion
if (Request.ContentLength > Constants.FileSize101mb && !_globalSettings.SelfHosted)
{
throw new BadRequestException("Max file size for direct upload is 100 MB.");
}

View File

@ -3,6 +3,12 @@
public static class Constants
{
public const int BypassFiltersEventId = 12482444;
// File size limits - give 1 MB extra for cushion.
// Note: if request size limits are changed, 'client_max_body_size'
// in nginx/proxy.conf may also need to be updated accordingly.
public const long FileSize101mb = 101L * 1024L * 1024L;
public const long FileSize501mb = 501L * 1024L * 1024L;
}
public static class TokenPurposes

View File

@ -18,7 +18,7 @@ namespace Bit.Core.Services
{
public class CipherService : ICipherService
{
public const long MAX_FILE_SIZE = 500L * 1024L * 1024L; // 500MB
public const long MAX_FILE_SIZE = Constants.FileSize501mb;
public const string MAX_FILE_SIZE_READABLE = "500 MB";
private readonly ICipherRepository _cipherRepository;
private readonly IFolderRepository _folderRepository;

View File

@ -17,7 +17,7 @@ namespace Bit.Core.Services
{
public class SendService : ISendService
{
public const long MAX_FILE_SIZE = 500L * 1024L * 1024L; // 500MB
public const long MAX_FILE_SIZE = Constants.FileSize501mb;
public const string MAX_FILE_SIZE_READABLE = "500 MB";
private readonly ISendRepository _sendRepository;
private readonly IUserRepository _userRepository;

View File

@ -4,7 +4,7 @@ proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Url-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 105m;
client_max_body_size 505m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
@ -12,4 +12,4 @@ proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
large_client_header_buffers 4 32k;
large_client_header_buffers 4 32k;