search

luis901101 / cloudflare

BSD 2-Clause "Simplified" License
13 stars 2 forks source link

Enhancement: imageApi - ability to specify image filename when uploading image using contentFromBytes #3

Open mariusbloemhof opened 1 year ago

mariusbloemhof commented 1 year ago

Hi,

Currently, when using contentFromBytes when uploading an image, all image file names on CloudFlare appear as 'image-from-bytes'

//From bytes
CloudflareHTTPResponse<CloudflareImage?> responseFromBytes = await cloudflare.imageAPI.upload(  
  contentFromBytes: DataTransmit<Uint8List>(data: imageBytes, progressCallback: (count, total) {  
    print('Upload progress: $count/$total');  
  })  
);

this seems to be because the HTTP post is specifying it as such. Please can the file name be abstracted so that we can specify it in imageAPI.upload() call?

@POST('/v1')
  @MultiPart()
  @Headers(RestAPIService.defaultHeaders)
  Future<HttpResponse<CloudflareResponse?>> uploadFromBytes({
    @Part(name: Params.file, fileName: 'image-from-bytes')
        required List<int> bytes,
    @Part() bool? requireSignedURLs,
    @Part() Map<String, dynamic>? metadata,
    @SendProgress() ProgressCallback? onUploadProgress,
    @CancelRequest() CancelToken? cancelToken,
  });
luis901101 commented 1 year ago

Hi @mariusbloemhof and thanks for using the package, I just released v2.1.0+14 which allows you to specify custom file name for media upload. I also released new breaking change version due to dio and retrofit breaking changes. Anyway I recommend you to avoid using signed upload to Cloudflare from client side, recommended way is to use unsigned upload by using directUploads, unless you are working on the server side in dart.

mariusbloemhof commented 1 year ago

Hi @luis901101, thanks I will definitely try the new version and let you know if there are any issues.

Any comment as to why the preferred method of upload is DirectUpload?

Also, is there any specific reason why this should not be used for Flutter Web? I am currently using it for Web without issues, I simply changed settings to allow for CORS when testing from local

luis901101 commented 1 year ago

Client side apps should not use signed upload for a security matter… documentation explains it. Anyway, the thing is for you to be able to do signed requests to cloudflare API, you need to use accountID+token+key or any of the 3 ways Cloudflare allows you to do signed requests… so you will have your cloudflare credentials stored on client side which is a security vulnerability.