Notice how the HEAD response has Upload-Length: 200 although the tusd server should only accept up to 100 bytes. Furthermore, the upload cannot be finished. The client cannot set the upload length in a subsequent PATCH request because the upload length would exceed -max-size.
Expected behavior
tusd should not store more data than specified in -max-size. Additional data should be rejected, similarly to how a PATCH request is handled, where the body contains more data than the upload allows for.
Setup details
Please provide following details, if applicable to your situation:
Describe the bug
Using
Upload-Defer-Length: 1
a client can upload more data than specified in-max-size
.To Reproduce
tusd -max-size 100
Notice how the HEAD response has
Upload-Length: 200
although the tusd server should only accept up to 100 bytes. Furthermore, the upload cannot be finished. The client cannot set the upload length in a subsequent PATCH request because the upload length would exceed-max-size
.Expected behavior
tusd should not store more data than specified in
-max-size
. Additional data should be rejected, similarly to how a PATCH request is handled, where the body contains more data than the upload allows for.Setup details Please provide following details, if applicable to your situation:
-max-size 100
Thanks to @fenos for reporting this.