Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
File size limit cancels file upload only after all bytes are received
See original GitHub issueI’ve been using multer for file uploads, and I’ve noticed an issue with the file size limit. I’m using the limits option to prevent the upload of files that are too large.
const upload = multer({
storage: multer.memoryStorage(),
limits: {
fieldNameSize: 255,
fileSize: 500000,
files: 1,
fields: 1
}
});
When uploading an image to my API, multer seems to wait until it has received all of the image bytes before failing with the “LIMIT_FILE_SIZE” code.
Isn’t it a security vulnerability if your API allows someone to upload an arbitrarily large file before failing the request? Is there another technique for preventing the behavior?
Issue Analytics
- State:
- Created 7 years ago
- Reactions:45
- Comments:31 (8 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Is there any update in regards to this issue? Does this really persist since 2016?
PR sent: https://github.com/expressjs/multer/pull/447