-
-
Notifications
You must be signed in to change notification settings - Fork 348
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/http multipart post #697
Feature/http multipart post #697
Conversation
Tested all flows: -In two cases I got file corruption of a previously and correctly uploaded content, after a new big upload (1MB boundary?). ** I will do further testing to track down this, as the only relevant issue ** Minor detail as example, any error is displayed in console but not on the upload page |
That is a limitation of spiffs - while we can guess the probably free space - we can never surely tell if it will fit since spiffs also requires space for metadata
Also spiffs limitation - 31chars is the maximum (including the extension) - for this scenario it might be good to define the default behavior (show error page saying "filename too large")
That is proper default behavior - it is up to the sming user to tell if the upload is accepted or not in the callback.
That would be good - I suspect it's also related to spiffs - it would be great if you can track this down. |
@patrickjahns : @robotiko :
Spiffs/filewrite should give an error return when a filewrite doesn't fit on the FS. That is independent on the size of the file currently being written. -> Also small files can get the FS filled.
There is an application callback, if the filename is to long before the callback, the application can update it to a correct filename. If it is to long after the callback, the upload should be cancelled (skipped) and reported as an erroneous download when the httprequest is complete. |
That
more thoughts on this
different things that came to my mind: This is related to a different thought I was having: if we want to secure the upload endpoint with http basic auth - it is currently only possible after the upload finished and we are in the normal callback. But for security purposes we should intercept the upload after the headers have been parsed and before we actually open+write to a file |
The http_response class should not write a response. It is up to the application to react to the "outside world" We just provide the information : The upload was aborted.
The httprequest is available in the httpupload callback. With that information the application can decide. (correct ?) |
Yes the request is available But my remarks are, with the current flow:
This way even if someone is not allowed to upload data - it is still forced to first accept all client packets before we actually react and close the connection It would be better if the APP: has access to response object; sets the response to not allowed; tells Sming to not process it further but send the response/error code at that very moment (Similar to the process we internally do when we receive a bad request) |
Post parameters with multipart encoding should be implemented with the upcoming Http refactoring (#1112). |
Some fixes for issues noticed in #694