From cf7a61b5a2b68fd966c4a355e37e84b048ed296b Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Tue, 31 Jul 2018 15:09:34 +0200 Subject: Cleanup req files on bad request --- server/helpers/core-utils.ts | 2 +- server/helpers/custom-validators/video-captions.ts | 2 +- server/helpers/utils.ts | 28 +++++++++++++++++++++- 3 files changed, 29 insertions(+), 3 deletions(-) (limited to 'server/helpers') diff --git a/server/helpers/core-utils.ts b/server/helpers/core-utils.ts index 2951aef1e..884206aad 100644 --- a/server/helpers/core-utils.ts +++ b/server/helpers/core-utils.ts @@ -58,7 +58,7 @@ function escapeHTML (stringParam) { '<': '<', '>': '>', '"': '"', - "'": ''', + '\'': ''', '/': '/', '`': '`', '=': '=' diff --git a/server/helpers/custom-validators/video-captions.ts b/server/helpers/custom-validators/video-captions.ts index 6a9c6d75c..6b1729f36 100644 --- a/server/helpers/custom-validators/video-captions.ts +++ b/server/helpers/custom-validators/video-captions.ts @@ -1,4 +1,4 @@ -import { CONSTRAINTS_FIELDS, VIDEO_CAPTIONS_MIMETYPE_EXT, VIDEO_LANGUAGES, VIDEO_MIMETYPE_EXT } from '../../initializers' +import { CONSTRAINTS_FIELDS, VIDEO_CAPTIONS_MIMETYPE_EXT, VIDEO_LANGUAGES } from '../../initializers' import { exists, isFileValid } from './misc' import { Response } from 'express' import { VideoModel } from '../../models/video/video' diff --git a/server/helpers/utils.ts b/server/helpers/utils.ts index cfb427570..7abcec5d7 100644 --- a/server/helpers/utils.ts +++ b/server/helpers/utils.ts @@ -6,11 +6,35 @@ import { CONFIG } from '../initializers' import { UserModel } from '../models/account/user' import { ActorModel } from '../models/activitypub/actor' import { ApplicationModel } from '../models/application/application' -import { pseudoRandomBytesPromise } from './core-utils' +import { pseudoRandomBytesPromise, unlinkPromise } from './core-utils' import { logger } from './logger' +import { isArray } from './custom-validators/misc' const isCidr = require('is-cidr') +function cleanUpReqFiles (req: { files: { [ fieldname: string ]: Express.Multer.File[] } | Express.Multer.File[] }) { + const files = req.files + + if (!files) return + + if (isArray(files)) { + (files as Express.Multer.File[]).forEach(f => deleteFileAsync(f.path)) + return + } + + for (const key of Object.keys(files)) { + const file = files[key] + + if (isArray(file)) file.forEach(f => deleteFileAsync(f.path)) + else deleteFileAsync(file.path) + } +} + +function deleteFileAsync (path: string) { + unlinkPromise(path) + .catch(err => logger.error('Cannot delete the file %s asynchronously.', path, { err })) +} + async function generateRandomString (size: number) { const raw = await pseudoRandomBytesPromise(size) @@ -162,6 +186,8 @@ type SortType = { sortModel: any, sortValue: string } // --------------------------------------------------------------------------- export { + cleanUpReqFiles, + deleteFileAsync, generateRandomString, getFormattedObjects, isSignupAllowed, -- cgit v1.2.3