Limit maximum size of uploads to be viewed as code

depado / goploader

Easy file sharing with server-side encryption, curl/httpie/wget compliant

https://docs.gpldr.in

MIT License

273 stars 41 forks source link

Limit maximum size of uploads to be viewed as code #63

Closed tribut closed 6 years ago

tribut commented 6 years ago

When using "view code" the whole file is read into RAM before being echoed back to the user. When large uploads are allowed (e.g. in the same order of magnitude as the available RAM) this can lead to performance problems and can easily be abused by a malicious user.

This is a breaking change - if a server operator wants to maintain the unlimited behaviour he would have to set ViewLimit >= SizeLimit.

depado commented 6 years ago

Thanks a lot for your contributions on goploader ! I appreciate that ! :+1: thanks