Opened 11 years ago
Closed 11 years ago
#21033 closed Bug (fixed)
Uploaded file's name truncates to 255 not in all cases
Reported by: | homm | Owned by: | nobody |
---|---|---|---|
Component: | File uploads/storage | Version: | dev |
Severity: | Normal | Keywords: | |
Cc: | bmispelon@… | Triage Stage: | Accepted |
Has patch: | yes | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | yes |
Easy pickings: | no | UI/UX: | no |
Description
If uploaded file name has very-ver long extension, it not truncates to 255 chars.
Change History (8)
comment:1 by , 11 years ago
comment:2 by , 11 years ago
Changing the file extension seems like it may not be a good idea. Did you run into a problem with this?
comment:3 by , 11 years ago
What do you mean by "extension"? This patch truncate sequence of chars after last dot longer then 255 chars. Is it can be called "extension"? I do not think so.
I see problem there: malefactor can send file with name longer then 255 chars. I don't know, is it problem does matter at all. If it does matter let's do strict check. If it is doesn't matter, let's remove this check at all.
comment:4 by , 11 years ago
Triage Stage: | Unreviewed → Accepted |
---|
I don't think 'file extension' can reasonably describe anything that is over 255 chars after a dot. Patch and test look good. (refering to https://github.com/django/django/pull/1548/files#L0L45)
comment:5 by , 11 years ago
Triage Stage: | Accepted → Ready for checkin |
---|
comment:6 by , 11 years ago
Cc: | added |
---|---|
Patch needs improvement: | set |
Triage Stage: | Ready for checkin → Accepted |
I think the tests should be moved to file_uploads/
, next to the one that tests the truncating functionality [1].
I would also rewrite them to immitate the test_filename_overflow
test, which I think tests the issue more accurately: we want to make sure that an uploaded file doesn't have a name longer than 255 characters.
Thanks.
[1] https://github.com/django/django/blob/master/tests/file_uploads/tests.py#L168
comment:8 by , 11 years ago
Resolution: | → fixed |
---|---|
Status: | new → closed |
https://github.com/django/django/pull/1548