Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enforce upload size limit on putResourceFromUrl api #8562

Open
wants to merge 6 commits into
base: main
Choose a base branch
from

Conversation

tylerjmchugh
Copy link
Contributor

@tylerjmchugh tylerjmchugh commented Dec 13, 2024

Currently the putResourceFromURL api does not enforce the maximum upload size limit. This means that you can upload files larger than the limit if you provide a URL to that resource rather than uploading the file directly.

This PR aims to fix this issue by checking the InputStream's available bytes against the configured maxUploadSize.

Checklist

  • I have read the contribution guidelines
  • Pull request provided for main branch, backports managed with label
  • Good housekeeping of code, cleaning up comments, tests, and documentation
  • Clean commit history broken into understandable chucks, avoiding big commits with hundreds of files, cautious of reformatting and whitespace changes
  • Clean commit messages, longer verbose messages are encouraged
  • API Changes are identified in commit messages
  • Testing provided for features or enhancements using automatic tests
  • User documentation provided for new features or enhancements in manual
  • Build documentation provided for development instructions in README.md files
  • Library management using pom.xml dependency management. Update build documentation with intended library use and library tutorials or documentation

@CLAassistant
Copy link

CLAassistant commented Dec 13, 2024

CLA assistant check
All committers have signed the CLA.

@josegar74 josegar74 added this to the 4.4.7 milestone Dec 16, 2024
@tylerjmchugh tylerjmchugh marked this pull request as ready for review December 18, 2024 15:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants