Browse Source

load max file size and file lifetime from a separate insecure config

master
Peter Cai 3 years ago
parent
commit
13bc689305
No known key found for this signature in database
GPG Key ID: 71F5FB4E4F3FD54F
  1. 3
      .gitignore
  2. 5
      config.insecure.json.example
  3. 14
      src/util.coffee
  4. 2
      src/web/helpButton.coffee

3
.gitignore vendored

@ -9,4 +9,5 @@ worker/
node_modules/
.cargo-ok
wrangler.toml
config.json
config.json
config.insecure.json

5
config.insecure.json.example

@ -0,0 +1,5 @@
{
"comments": "This file contains configuration that will be load into the browser frontend. See src/util.coffee for details.",
"max_upload_size": 10485760,
"file_lifetime": "7 days"
}

14
src/util.coffee

@ -1,7 +1,16 @@
import configInsec from "../config.insecure.json"
import { detect as detectBrowser } from 'detect-browser'
# The following two items are read from `config.insecure.json`
# These configuration will be load into the frontend, so make sure
# no sensitive information is leaked through the json
# Maximum upload size (in bytes)
MAX_UPLOAD_SIZE = 10 * 1024 * 1024 # 10 MB
MAX_UPLOAD_SIZE = configInsec.max_upload_size
# File lifetime (deleted after X days)
# This is only intended for human, any auto-deletion
# should be configured in your S3 bucket
FILE_LIFETIME = configInsec.file_lifetime
# Maximum file name length
MAX_FILENAME_LENGTH = 255 # bytes
@ -91,5 +100,6 @@ export {
isText,
progressText,
humanFileSize,
MAX_FILENAME_LENGTH
MAX_FILENAME_LENGTH,
FILE_LIFETIME
}

2
src/web/helpButton.coffee

@ -19,7 +19,7 @@ class HelpButton extends React.Component
There is <strong>absolutely no guarantee</strong> on its functionality, security and reliability.
</p>
<p>
<strong>Maximum file size: {util.humanFileSize util.MAX_UPLOAD_SIZE}</strong>, all uploads are kept for <strong>7 days</strong> only.
<strong>Maximum file size: {util.humanFileSize util.MAX_UPLOAD_SIZE}</strong>, all uploads are kept for <strong>{util.FILE_LIFETIME}</strong> only.
</p>
<p>
File uploads with <strong>"Encryption: ON"</strong> are encrypted with <i>AES-128-GCM</i> before uploading to server.

Loading…
Cancel
Save