diff --git a/clientapi/routing/register.go b/clientapi/routing/register.go index 872bdd736..526418669 100644 --- a/clientapi/routing/register.go +++ b/clientapi/routing/register.go @@ -614,7 +614,10 @@ func handleRegistrationFlow( } if cfg.RegistrationDisabled && r.Auth.Type != authtypes.LoginTypeSharedSecret { - return util.MessageResponse(http.StatusForbidden, "Registration has been disabled") + return util.JSONResponse{ + Code: http.StatusForbidden, + JSON: jsonerror.Forbidden("Registration is disabled"), + } } // Make sure normal user isn't registering under an exclusive application diff --git a/federationsender/storage/postgres/joined_hosts_table.go b/federationsender/storage/postgres/joined_hosts_table.go index 0bc9335dd..0c1e91eeb 100644 --- a/federationsender/storage/postgres/joined_hosts_table.go +++ b/federationsender/storage/postgres/joined_hosts_table.go @@ -48,7 +48,7 @@ CREATE INDEX IF NOT EXISTS federatonsender_joined_hosts_room_id_idx const insertJoinedHostsSQL = "" + "INSERT INTO federationsender_joined_hosts (room_id, event_id, server_name)" + - " VALUES ($1, $2, $3)" + " VALUES ($1, $2, $3) ON CONFLICT DO NOTHING" const deleteJoinedHostsSQL = "" + "DELETE FROM federationsender_joined_hosts WHERE event_id = ANY($1)" diff --git a/federationsender/storage/sqlite3/joined_hosts_table.go b/federationsender/storage/sqlite3/joined_hosts_table.go index 1f906808d..4c0c1f510 100644 --- a/federationsender/storage/sqlite3/joined_hosts_table.go +++ b/federationsender/storage/sqlite3/joined_hosts_table.go @@ -47,7 +47,7 @@ CREATE INDEX IF NOT EXISTS federatonsender_joined_hosts_room_id_idx ` const insertJoinedHostsSQL = "" + - "INSERT INTO federationsender_joined_hosts (room_id, event_id, server_name)" + + "INSERT OR IGNORE INTO federationsender_joined_hosts (room_id, event_id, server_name)" + " VALUES ($1, $2, $3)" const deleteJoinedHostsSQL = "" + diff --git a/mediaapi/routing/upload.go b/mediaapi/routing/upload.go index 2c5753745..a38b56e09 100644 --- a/mediaapi/routing/upload.go +++ b/mediaapi/routing/upload.go @@ -158,6 +158,12 @@ func (r *uploadRequest) doUpload( } } + // Check if temp file size exceeds max file size configuration + if bytesWritten > types.FileSizeBytes(*cfg.MaxFileSizeBytes) { + fileutils.RemoveDir(tmpDir, r.Logger) // delete temp file + return requestEntityTooLargeJSONResponse(*cfg.MaxFileSizeBytes) + } + // Look up the media by the file hash. If we already have the file but under a // different media ID then we won't upload the file again - instead we'll just // add a new metadata entry that refers to the same file. @@ -219,19 +225,17 @@ func (r *uploadRequest) doUpload( ) } +func requestEntityTooLargeJSONResponse(maxFileSizeBytes config.FileSizeBytes) *util.JSONResponse { + return &util.JSONResponse{ + Code: http.StatusRequestEntityTooLarge, + JSON: jsonerror.Unknown(fmt.Sprintf("HTTP Content-Length is greater than the maximum allowed upload size (%v).", maxFileSizeBytes)), + } +} + // Validate validates the uploadRequest fields func (r *uploadRequest) Validate(maxFileSizeBytes config.FileSizeBytes) *util.JSONResponse { - if r.MediaMetadata.FileSizeBytes < 1 { - return &util.JSONResponse{ - Code: http.StatusLengthRequired, - JSON: jsonerror.Unknown("HTTP Content-Length request header must be greater than zero."), - } - } if maxFileSizeBytes > 0 && r.MediaMetadata.FileSizeBytes > types.FileSizeBytes(maxFileSizeBytes) { - return &util.JSONResponse{ - Code: http.StatusRequestEntityTooLarge, - JSON: jsonerror.Unknown(fmt.Sprintf("HTTP Content-Length is greater than the maximum allowed upload size (%v).", maxFileSizeBytes)), - } + return requestEntityTooLargeJSONResponse(maxFileSizeBytes) } // TODO: Check if the Content-Type is a valid type? if r.MediaMetadata.ContentType == "" {