-
-
Notifications
You must be signed in to change notification settings - Fork 192
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set upper limit to attachment size #84
Comments
Agree! I found a nice way to add a limit for the file size when using next-s3-upload (the third package I used), but it requires a change in the library (see this open PR). I hope the repository is still maintained (last commit is from October), otherwise I’ll just fork the package. |
Seems like that will work, for S3 which is great. |
You’re right, I just pushed a check for the file size on the client side, which is nice for user experience anyway. But ultimately, we need to perform a better check, as for now nothing prevents a user from tweaking the code in the browser to disable the check. |
Just tested latest and looks great!
Agree that “server” check is needed 👍
|
After a bit more thought, suggest perhaps a max limit of 2MB? |
A setting you should probably be able to tweak in a .env file, instead of having to hardcode. |
Great point about the .env file, agree! |
The app seems to allow any size file to be uploaded, strongly suggest something like a setting that optionally limits the max attachment size and displays an error/warning if exceeded to:
a) conserve storage and
b) prevent bad actors
See screenshot of the 35MB sample image I was able to upload just now (I've since deleted the expense, however I'm unsure if the image has been deleted from S3?)
The text was updated successfully, but these errors were encountered: