Mercurial Mercurial > prosody > prosody / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
spec/scansion/http_upload.scs
author Kim Alvefur <zash@zash.se>
Tue, 26 Jan 2021 14:53:43 +0100
changeset 11319 c52fcea39c8e
parent 11318 7c8b02c5a335
child 11323 a4b299e37909
permissions -rw-r--r--
mod_http_file_share: Add file type filter Unlike mod_http_upload, this can't be bypassed by uploading with a different file extension.

[Client] Romeo
	password: password
	jid: filesharingenthusiast@localhost/krxLaE3s

-----

Romeo connects

Romeo sends:
	<iq to='upload.localhost' type='get' id='932c02fe-4461-4ad4-9c85-54863294b4dc' xml:lang='en'>
		<request content-type='text/plain' filename='verysmall.dat' xmlns='urn:xmpp:http:upload:0' size='5'/>
	</iq>

Romeo receives:
	<iq id='932c02fe-4461-4ad4-9c85-54863294b4dc' from='upload.localhost' type='result'>
		<slot xmlns='urn:xmpp:http:upload:0'>
			<get url='{scansion:any}'/>
			<put url='{scansion:any}'>
				<header name='Authorization'></header>
			</put>
		</slot>
	</iq>

Romeo sends:
	<iq to='upload.localhost' type='get' id='46ca64f3-518e-42bd-8e2f-4ab2f6d2224f' xml:lang='en'>
		<request content-type='text/plain' filename='toolarge.dat' xmlns='urn:xmpp:http:upload:0' size='10000000000'/>
	</iq>

Romeo receives:
	<iq id='46ca64f3-518e-42bd-8e2f-4ab2f6d2224f' from='upload.localhost' type='error'>
		<error type='modify'>
			<not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
			<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>File too large</text>
			<file-too-large xmlns='urn:xmpp:http:upload:0'>
				<max-file-size>10000000</max-file-size>
			</file-too-large>
		</error>
	</iq>

Romeo sends:
	<iq to='upload.localhost' type='get' id='ac56d83f-a627-4732-8399-60492d1210b6' xml:lang='en'>
		<request content-type='text/plain' filename='invalid/filename.dat' xmlns='urn:xmpp:http:upload:0' size='1000'/>
	</iq>

Romeo receives:
	<iq id='ac56d83f-a627-4732-8399-60492d1210b6' from='upload.localhost' type='error'>
		<error type='modify'>
			<bad-request xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
			<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Invalid filename</text>
		</error>
	</iq>

Romeo sends:
	<iq to='upload.localhost' type='get' id='1401d3b5-7973-486f-85b3-3e63d13c7f0e' xml:lang='en'>
		<request content-type='application/x-executable' filename='evil.exe' xmlns='urn:xmpp:http:upload:0' size='1000'/>
	</iq>

Romeo receives:
	<iq id='1401d3b5-7973-486f-85b3-3e63d13c7f0e' from='upload.localhost' type='error'>
		<error type='modify'>
			<not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
			<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>File type not allowed</text>
		</error>
	</iq>

Romeo disconnects

# recording ended on 2021-01-27T22:10:46Z
prosody