Wasp•2y ago

File upload size limit

I'm trying to implement max file upload size to the s3 bucket. I've handled the front-end but I worry that more advanced users could bypass this and spam my s3 bucket.

Here is what I've been trying on the backend (just added the conditions) but it still uploads files greater than MAX_UPLOAD_SIZE (1 * 1024 * 1024):

export const getUploadFileSignedURLFromS3 = async ({fileType, userInfo}: S3Upload) => {
    const ex = fileType.split('/')[1];
    const Key = `${userInfo}/${randomUUID()}.${ex}`;
    const Conditions = [
        ["content-length-range", 1, MAX_UPLOAD_SIZE]
    ];

    const s3Params = {
        Bucket: process.env.AWS_S3_FILES_BUCKET,
        Key,
        Conditions,
        ContentType: `${fileType}`
    };

    const command = new PutObjectCommand(s3Params);
    const uploadUrl = await getSignedUrl(s3Client, command, { expiresIn: 3600, });
    
    return { uploadUrl, key: Key };
}

export const getUploadFileSignedURLFromS3 = async ({fileType, userInfo}: S3Upload) => {
    const ex = fileType.split('/')[1];
    const Key = `${userInfo}/${randomUUID()}.${ex}`;
    const Conditions = [
        ["content-length-range", 1, MAX_UPLOAD_SIZE]
    ];

    const s3Params = {
        Bucket: process.env.AWS_S3_FILES_BUCKET,
        Key,
        Conditions,
        ContentType: `${fileType}`
    };

    const command = new PutObjectCommand(s3Params);
    const uploadUrl = await getSignedUrl(s3Client, command, { expiresIn: 3600, });
    
    return { uploadUrl, key: Key };
}

export const getUploadFileSignedURLFromS3 = async ({fileType, userInfo}: S3Upload) => {
    const ex = fileType.split('/')[1];
    const Key = `${userInfo}/${randomUUID()}.${ex}`;
    const Conditions = [
        ["content-length-range", 1, MAX_UPLOAD_SIZE]
    ];

    const s3Params = {
        Bucket: process.env.AWS_S3_FILES_BUCKET,
        Key,
        Conditions,
        ContentType: `${fileType}`
    };

    const command = new PutObjectCommand(s3Params);
    const uploadUrl = await getSignedUrl(s3Client, command, { expiresIn: 3600, });
    
    return { uploadUrl, key: Key };
}

export const getUploadFileSignedURLFromS3 = async ({fileType, userInfo}: S3Upload) => {
    const ex = fileType.split('/')[1];
    const Key = `${userInfo}/${randomUUID()}.${ex}`;
    const Conditions = [
        ["content-length-range", 1, MAX_UPLOAD_SIZE]
    ];

    const s3Params = {
        Bucket: process.env.AWS_S3_FILES_BUCKET,
        Key,
        Conditions,
        ContentType: `${fileType}`
    };

    const command = new PutObjectCommand(s3Params);
    const uploadUrl = await getSignedUrl(s3Client, command, { expiresIn: 3600, });
    
    return { uploadUrl, key: Key };
}

File upload size limit

Similar Threads

Similar Threads

Similar Threads