Comments (8)
I think this is a good question actually. I'd imagine that you could validate within the start
event based on event.file
, once again using standard node libraries. How to cancel or short-circuit the upload midway through though I'm not sure of since it's been a while since I've used this library, but is it not possible to call instance.emit('error', {message: 'Incorrect filetype specified'})
on the server to cancel it and send an error to the client?
@vote539 would most likely know more than me!
I think a streamlined method of doing this would be really nice though.
from socketio-file-upload.
I haven't though about the case of aborting the upload from the server side before the upload is complete. Right now there isn't a good way to abort a file upload from the "start" event, although it would not be hard to add such a feature.
Keep in mind that until the file has finished uploading, the server has no extra information about the file than the client does. The server receives the file name, file size, metadata, and so forth from the client, and until it receives the content of the file, it has no way to verify that information on its own. Client-side checks can abort the file upload before any communication to the server has taken place at al.
In particular, if you're worried about MIME types, keep in mind that in most cases, MIME types are determined from nothing more than the file extension. This is a check that can be performed on the client side instead, avoiding all communications to the back-end. From a security point of view, someone could bypass a client-side MIME type checker, but they could just as easily bypass a server-side MIME type checker by sending an arbitrary file extension.
Transmitting an error event right now unfortunately is only cosmetic and doesn't actually stop a file upload that is in progress.
@LeoCreer Am I missing something? Could you give more details on a use case where server-side checking is superior to client-side checking? Thanks!
from socketio-file-upload.
Umm Im thinking ...
Your right !!!
from socketio-file-upload.
Surely (and this depends on the file type) but if the headers are passed
in, it should be able to be parsed in some way on the server. For example I
was using SIOFU to upload MP3s, and even when it was half completed, I
could send the unfinished chunk into ffprobe and get data back. So mime
checking is of course pointless, but there are still checks you can do for
the validity of a file before it's finished uploading!
Matt
On Wednesday, 13 July 2016, LeoCreer [email protected] wrote:
Umm Im thinking ...
Your right !!!—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
#42 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/ADJOPP0q8ZYp0RYm8RPbx4TcQmCaK1QWks5qVRb1gaJpZM4JHhov
.
from socketio-file-upload.
No idea why my comment has line breaks around the "I"s, by the way. Weird!
from socketio-file-upload.
Great point, @MaffooBristol.
I added a public API to the server-side uploader object in my branch. It can be used as follows to abort an upload from the server side.
uploader.abort(fileInfo.id, socket);
The socket
needs to be passed in because the uploader instance doesn't keep a reference to the socket. I didn't think through the implications of making the uploader save the reference.
If it looks good, I'll merge in this change along with my other changes over the weekend.
from socketio-file-upload.
Nice Job Guys LOL!!!!
from socketio-file-upload.
Closed by #45
from socketio-file-upload.
Related Issues (20)
- Possible memory issue HOT 2
- does it work with socket io 2.0? HOT 1
- how to move file to different folder after receiving. HOT 1
- When maxFileSize is set, emitChunkFail is force to true
- Investigate why tests require Socket.io 2.1.1
- Starting but not uploading HOT 4
- Resume upload on reconnect
- unbind listeners of server instance HOT 1
- Error when file size is greater than maxFileSize
- Rewrite in TypeScript HOT 4
- How's make a client-server-client application ? HOT 1
- Socket disconnects may cancel in-progress uploads for other clients HOT 4
- How to upload a file in base64 format? HOT 3
- How to use node js as client side. HOT 1
- Problem with nginx HOT 4
- 同学,您这个项目引入了372个开源组件,存在8个漏洞,辛苦升级一下 HOT 1
- Upload speed seems slow HOT 1
- No events from the client and the server.
- Is this supposed to work with Socket.IO version 4+? HOT 4
- How to upload files using java client?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from socketio-file-upload.