Fix upload size limit

b840a724 · Stefy Lanza (nextime / spora ) · 3ee190b3 · b840a724 · b840a724
Commit b840a724 authored Sep 26, 2025 by Stefy Lanza (nextime / spora )
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 5 deletions

file_handler.py app/upload/file_handler.py +2 -2

security.py app/utils/security.py +5 -3

No files found.
--- a/app/upload/file_handler.py
+++ b/app/upload/file_handler.py
@@ -73,7 +73,7 @@ class FileUploadHandler:
            file.seek(0)
            if not validate_file_size(file_size):
-                max_size_mb = current_app.config.get('MAX_CONTENT_LENGTH', 500 * 1024 * 1024) // (1024 * 1024)
+                max_size_mb = current_app.config.get('MAX_CONTENT_LENGTH', 5 * 1024 * 1024 * 1024)
                return False, f"File too large. Maximum size: {max_size_mb}MB"
            return True, None
@@ -613,4 +613,4 @@ def get_file_upload_handler():
    global file_upload_handler
    if file_upload_handler is None:
        file_upload_handler = FileUploadHandler()
    return file_upload_handler
\ No newline at end of file
--- a/app/utils/security.py
+++ b/app/utils/security.py
@@ -304,10 +304,10 @@ def validate_file_size(file_size, max_size=None):
 def detect_malicious_content(file_path):
    """
    Basic malicious content detection
    Args:
        file_path: Path to file to check
    Returns:
        bool: True if potentially malicious content detected
    """
@@ -315,7 +315,9 @@ def detect_malicious_content(file_path):
        # Check file size (extremely large files might be suspicious)
        import os
        file_size = os.path.getsize(file_path)
-        if file_size > 1024 * 1024 * 1024:  # 1GB
+        # Allow up to 5GB for ZIP files (configurable)
+        max_safe_size = current_app.config.get('MAX_CONTENT_LENGTH', 5 * 1024 * 1024 * 1024)
+        if file_size > max_safe_size:
            return True
        # Check for executable signatures in first few bytes