2FAS/2fas-server
1
0
Fork 0
mirror of https://github.com/twofas/2fas-server.git synced 2024-11-24 11:20:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

limit request body for icon requests (discord requests)

Browse Source
This commit is contained in:
in-void 2023-01-31 20:26:45 +01:00
parent 1020898dd6
commit 2793b22c23
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
internal/api/icons/service/service.go
View File

@ -174,5 +174,7 @@ func (m *IconsModule) RegisterRoutes(router *gin.Engine) {
publicRouter.GET("/mobile/icons/collections/:collection_id", m.RoutesHandler.FindIconsCollection)
publicRouter.GET("/mobile/icons/collections", m.RoutesHandler.FindAllIconsCollection)
publicRouter.POST("/mobile/icons/requests", m.RoutesHandler.CreateIconRequest)
publicRouter.
Use(httpsec.BodySizeLimitMiddleware(64*1000)).
POST("/mobile/icons/requests", m.RoutesHandler.CreateIconRequest)
}

9
internal/common/http/request.go
View File

@ -4,6 +4,7 @@ import (
"github.com/gin-gonic/gin"
"github.com/google/uuid"
"github.com/twofas/2fas-server/internal/common/logging"
"net/http"
)
const (
@ -43,3 +44,11 @@ func CorrelationIdMiddleware() gin.HandlerFunc {
c.Set(CorrelationIdKey, CorrelationId)
}
}
func BodySizeLimitMiddleware(requestBytesLimit int64) gin.HandlerFunc {
return func(c *gin.Context) {
var w http.ResponseWriter = c.Writer
c.Request.Body = http.MaxBytesReader(w, c.Request.Body, requestBytesLimit)
}
}