From b0aa14ea3b12ab0559793bfb46df4625d7792bd4 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 28 Aug 2016 12:48:24 -0400 Subject: http: refuse to store object of unexpected size --- HTTP/Server.hs | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'HTTP') diff --git a/HTTP/Server.hs b/HTTP/Server.hs index cce91cd..a26cd5e 100644 --- a/HTTP/Server.hs +++ b/HTTP/Server.hs @@ -10,6 +10,7 @@ module HTTP.Server (runServer) where import HTTP import Types import Types.Storage +import Tunables import Storage.Local import Serialization () import Servant @@ -65,9 +66,12 @@ getObject st i _pow = do putObject :: ServerState -> StorableObjectIdent -> Maybe ProofOfWork -> StorableObject -> Handler (ProofOfWorkRequirement StoreResult) putObject st i _pow o = do - r <- liftIO $ storeShare serverStorage i (Share dummyShareNum o) - liftIO $ requestObscure st - return (Result r) + if validObjectsize o + then do + r <- liftIO $ storeShare serverStorage i (Share dummyShareNum o) + liftIO $ requestObscure st + return (Result r) + else throwError err413 -- Request Entity Too Large countObjects :: ServerState -> Maybe ProofOfWork -> Handler (ProofOfWorkRequirement CountResult) countObjects _st _pow = liftIO $ Result <$> countShares serverStorage -- cgit v1.2.3