--- /dev/null
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package upload
+
+import (
+ "fmt"
+ "net/http"
+ "strings"
+
+ "code.gitea.io/gitea/modules/log"
+)
+
+// ErrFileTypeForbidden not allowed file type error
+type ErrFileTypeForbidden struct {
+ Type string
+}
+
+// IsErrFileTypeForbidden checks if an error is a ErrFileTypeForbidden.
+func IsErrFileTypeForbidden(err error) bool {
+ _, ok := err.(ErrFileTypeForbidden)
+ return ok
+}
+
+func (err ErrFileTypeForbidden) Error() string {
+ return fmt.Sprintf("File type is not allowed: %s", err.Type)
+}
+
+// VerifyAllowedContentType validates a file is allowed to be uploaded.
+func VerifyAllowedContentType(buf []byte, allowedTypes []string) error {
+ fileType := http.DetectContentType(buf)
+
+ allowed := false
+ for _, t := range allowedTypes {
+ t := strings.Trim(t, " ")
+ if t == "*/*" || t == fileType {
+ allowed = true
+ break
+ }
+ }
+
+ if !allowed {
+ log.Info("Attachment with type %s blocked from upload", fileType)
+ return ErrFileTypeForbidden{Type: fileType}
+ }
+
+ return nil
+}
package repo
import (
- "errors"
- "net/http"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting"
+ "code.gitea.io/gitea/modules/upload"
api "code.gitea.io/gitea/modules/structs"
)
}
// Check if the filetype is allowed by the settings
- fileType := http.DetectContentType(buf)
-
- allowedTypes := strings.Split(setting.AttachmentAllowedTypes, ",")
- allowed := false
- for _, t := range allowedTypes {
- t := strings.Trim(t, " ")
- if t == "*/*" || t == fileType {
- allowed = true
- break
- }
- }
-
- if !allowed {
- ctx.Error(400, "DetectContentType", errors.New("File type is not allowed"))
+ err = upload.VerifyAllowedContentType(buf, strings.Split(setting.AttachmentAllowedTypes, ","))
+ if err != nil {
+ ctx.Error(400, "DetectContentType", err)
return
}
import (
"fmt"
- "net/http"
"strings"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
+ "code.gitea.io/gitea/modules/upload"
)
func renderAttachmentSettings(ctx *context.Context) {
if n > 0 {
buf = buf[:n]
}
- fileType := http.DetectContentType(buf)
- allowedTypes := strings.Split(setting.AttachmentAllowedTypes, ",")
- allowed := false
- for _, t := range allowedTypes {
- t := strings.Trim(t, " ")
- if t == "*/*" || t == fileType {
- allowed = true
- break
- }
- }
-
- if !allowed {
- log.Info("Attachment with type %s blocked from upload", fileType)
- ctx.Error(400, ErrFileTypeForbidden.Error())
+ err = upload.VerifyAllowedContentType(buf, strings.Split(setting.AttachmentAllowedTypes, ","))
+ if err != nil {
+ ctx.Error(400, err.Error())
return
}
import (
"fmt"
"io/ioutil"
- "net/http"
"path"
"strings"
"code.gitea.io/gitea/modules/repofiles"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/templates"
+ "code.gitea.io/gitea/modules/upload"
"code.gitea.io/gitea/modules/util"
)
if n > 0 {
buf = buf[:n]
}
- fileType := http.DetectContentType(buf)
if len(setting.Repository.Upload.AllowedTypes) > 0 {
- allowed := false
- for _, t := range setting.Repository.Upload.AllowedTypes {
- t := strings.Trim(t, " ")
- if t == "*/*" || t == fileType {
- allowed = true
- break
- }
- }
-
- if !allowed {
- ctx.Error(400, ErrFileTypeForbidden.Error())
+ err = upload.VerifyAllowedContentType(buf, setting.Repository.Upload.AllowedTypes)
+ if err != nil {
+ ctx.Error(400, err.Error())
return
}
}
)
var (
- // ErrFileTypeForbidden not allowed file type error
- ErrFileTypeForbidden = errors.New("File type is not allowed")
// ErrTooManyFiles upload too many files
ErrTooManyFiles = errors.New("Maximum number of files to upload exceeded")
// IssueTemplateCandidates issue templates
projects / gitea.git / commitdiff