diff --git a/src/Api/Controllers/CiphersController.cs b/src/Api/Controllers/CiphersController.cs index f34228c874..2419357281 100644 --- a/src/Api/Controllers/CiphersController.cs +++ b/src/Api/Controllers/CiphersController.cs @@ -17,6 +17,7 @@ using Microsoft.Azure.EventGrid.Models; using Bit.Core.Models.Data; using Microsoft.Extensions.Logging; using Newtonsoft.Json; +using Bit.Core; namespace Bit.Api.Controllers { @@ -622,7 +623,7 @@ namespace Bit.Api.Controllers } [HttpPost("{id}/attachment/{attachmentId}")] - [DisableRequestSizeLimit] + [RequestSizeLimit(Constants.FileSize501mb)] [DisableFormValueModelBinding] public async Task PostFileForExistingAttachment(string id, string attachmentId) { @@ -652,7 +653,7 @@ namespace Bit.Api.Controllers } [HttpPost("{id}/attachment")] - [RequestSizeLimit(105_906_176)] + [RequestSizeLimit(Constants.FileSize101mb)] [DisableFormValueModelBinding] public async Task PostAttachment(string id) { @@ -676,7 +677,7 @@ namespace Bit.Api.Controllers } [HttpPost("{id}/attachment-admin")] - [RequestSizeLimit(105_906_176)] + [RequestSizeLimit(Constants.FileSize101mb)] [DisableFormValueModelBinding] public async Task PostAttachmentAdmin(string id) { @@ -709,7 +710,7 @@ namespace Bit.Api.Controllers } [HttpPost("{id}/attachment/{attachmentId}/share")] - [RequestSizeLimit(105_906_176)] + [RequestSizeLimit(Constants.FileSize101mb)] [DisableFormValueModelBinding] public async Task PostAttachmentShare(string id, string attachmentId, Guid organizationId) { @@ -805,7 +806,7 @@ namespace Bit.Api.Controllers throw new BadRequestException("Invalid content."); } - if (Request.ContentLength > 105906176) // 101 MB, give em' 1 extra MB for cushion + if (Request.ContentLength > Constants.FileSize101mb) { throw new BadRequestException("Max file size is 100 MB."); } diff --git a/src/Api/Controllers/SendsController.cs b/src/Api/Controllers/SendsController.cs index 66022e9513..87c5e40aa7 100644 --- a/src/Api/Controllers/SendsController.cs 
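Review bot: In the last CiphersController hunk (@@ -805), `Request.ContentLength` is a nullable long, so `Request.ContentLength > Constants.FileSize101mb` is false when the request has no Content-Length header (chunked transfer encoding, for example) and the explicit 100 MB rejection is skipped. The only bound is then the `[RequestSizeLimit]` on the calling action, which is outside this hunk, as is the start of the enclosing method. I would state that next to the check, e.g. `// ContentLength is null for chunked bodies; the action's RequestSizeLimit is the effective bound in that case`, or reject a missing length if every supported client sends one. The same comparison appears in SendsController.cs at @@ -175 and @@ -258.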
+++ b/src/Api/Controllers/SendsController.cs @@ -19,6 +19,7 @@ using Bit.Core.Models.Table; using Newtonsoft.Json; using Bit.Core.Models.Data; using Microsoft.Extensions.Logging; +using Bit.Core; namespace Bit.Api.Controllers { @@ -166,7 +167,7 @@ namespace Bit.Api.Controllers } [HttpPost("file")] - [RequestSizeLimit(105_906_176)] + [RequestSizeLimit(Constants.FileSize101mb)] [DisableFormValueModelBinding] public async Task PostFile() { @@ -175,7 +176,7 @@ namespace Bit.Api.Controllers throw new BadRequestException("Invalid content."); } - if (Request.ContentLength > 105906176) // 101 MB, give em' 1 extra MB for cushion + if (Request.ContentLength > Constants.FileSize101mb) { throw new BadRequestException("Max file size is 100 MB."); } @@ -249,7 +250,7 @@ namespace Bit.Api.Controllers } [HttpPost("{id}/file/{fileId}")] - [DisableRequestSizeLimit] + [RequestSizeLimit(Constants.FileSize501mb)] [DisableFormValueModelBinding] public async Task PostFileForExistingSend(string id, string fileId) { @@ -258,7 +259,7 @@ namespace Bit.Api.Controllers throw new BadRequestException("Invalid content."); } - if (Request.ContentLength > 105906176 && !_globalSettings.SelfHosted) // 101 MB, give em' 1 extra MB for cushion + if (Request.ContentLength > Constants.FileSize101mb && !_globalSettings.SelfHosted) { throw new BadRequestException("Max file size for direct upload is 100 MB."); } diff --git a/src/Core/Constants.cs b/src/Core/Constants.cs index 71a8404f50..5c52e1422a 100644 --- a/src/Core/Constants.cs +++ b/src/Core/Constants.cs @@ -3,6 +3,12 @@ public static class Constants { public const int BypassFiltersEventId = 12482444; + + // File size limits - give 1 MB extra for cushion. + // Note: if request size limits are changed, 'client_max_body_size' + // in nginx/proxy.conf may also need to be updated accordingly. + public const long FileSize101mb = 101L * 1024L * 1024L; + public const long FileSize501mb = 501L * 1024L * 1024L; } public static class TokenPurposes 
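Review bot: On hosted (non-self-hosted) deployments `PostFileForExistingSend` now has a framework ceiling of 501 MB from `[RequestSizeLimit(Constants.FileSize501mb)]`, while the 100 MB direct-upload rule at @@ -258 is enforced only against the declared Content-Length. An attribute cannot depend on `_globalSettings.SelfHosted`, so a request without a declared length is bounded by 501 MB rather than 101 MB, unless code after this hunk limits the stream. One option is to lower the limit per request before the body is read, inside `if (!_globalSettings.SelfHosted)`: `HttpContext.Features.Get<IHttpMaxRequestBodySizeFeature>().MaxRequestBodySize = Constants.FileSize101mb;`. The method body continues outside the hunk.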
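Review bot: The names `FileSize101mb` and `FileSize501mb` in Constants.cs encode the value rather than the purpose, so changing a limit later means either renaming every use or leaving a name that contradicts its value. The comment also does not say which limits the 1 MB cushion is added to, while the controllers still report "Max file size is 100 MB." I would document each constant separately, e.g. `// 100 MB user-facing upload limit + 1 MB cushion for request overhead`. The comment should also give the path as it appears in this commit, `util/Nginx/proxy.conf`.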
diff --git a/src/Core/Services/Implementations/CipherService.cs b/src/Core/Services/Implementations/CipherService.cs index a9ceb14e7a..77726c65fb 100644 --- a/src/Core/Services/Implementations/CipherService.cs +++ b/src/Core/Services/Implementations/CipherService.cs @@ -18,7 +18,7 @@ namespace Bit.Core.Services { public class CipherService : ICipherService { - public const long MAX_FILE_SIZE = 500L * 1024L * 1024L; // 500MB + public const long MAX_FILE_SIZE = Constants.FileSize501mb; public const string MAX_FILE_SIZE_READABLE = "500 MB"; private readonly ICipherRepository _cipherRepository; private readonly IFolderRepository _folderRepository; diff --git a/src/Core/Services/Implementations/SendService.cs b/src/Core/Services/Implementations/SendService.cs index 8901ef9ca9..17446863a2 100644 --- a/src/Core/Services/Implementations/SendService.cs +++ b/src/Core/Services/Implementations/SendService.cs @@ -17,7 +17,7 @@ namespace Bit.Core.Services { public class SendService : ISendService { - public const long MAX_FILE_SIZE = 500L * 1024L * 1024L; // 500MB + public const long MAX_FILE_SIZE = Constants.FileSize501mb; public const string MAX_FILE_SIZE_READABLE = "500 MB"; private readonly ISendRepository _sendRepository; private readonly IUserRepository _userRepository; diff --git a/util/Nginx/proxy.conf b/util/Nginx/proxy.conf index 1bc58406f7..7e79415138 100644 --- a/util/Nginx/proxy.conf +++ b/util/Nginx/proxy.conf @@ -4,7 +4,7 @@ proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Url-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; -client_max_body_size 105m; +client_max_body_size 505m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; @@ -12,4 +12,4 @@ proxy_read_timeout 90; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; -large_client_header_buffers 4 32k; \ No newline at end of file +large_client_header_buffers 4 32k;
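Review bot: `MAX_FILE_SIZE = Constants.FileSize501mb` in CipherService changes the value from 500 MB to 501 MB, while `MAX_FILE_SIZE_READABLE` on the next line still says "500 MB". The cushion in Constants.cs is described as headroom for request size limits. If `MAX_FILE_SIZE` is compared against the stored file's length (its uses are outside this hunk), the service now accepts files 1 MB larger than the message states. Keeping `public const long MAX_FILE_SIZE = 500L * 1024L * 1024L;` here, or adding a separate cushion-free constant, keeps the validation and the message in agreement. The same change is made in SendService.cs.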
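Review bot: `client_max_body_size 505m;` raises the proxy's body limit for every location that includes proxy.conf, not only the two 501 MB upload routes. Endpoints without their own `[RequestSizeLimit]` are then bounded only by the application server's default rather than by nginx; where this file is included is not visible here. The coupling to the application limit is documented only in Constants.cs, so I would add a comment above the directive such as `# must stay >= Constants.FileSize501mb in src/Core/Constants.cs`. If the nginx layout allows it, scope the larger value to the attachment and send upload locations.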