Getting an uploaded file #137
Comments
|
We don't currently handle form posts, as far as I know. If you use a file input type, we expect just the file. So in curl you should use |
|
The mentioned tickets are about multipart input with Also note that accepting form posts in an API might be unsafe, since you can do cross domain form posts. So a nefarious site could have users post under their credentials to your API. |
|
Ah, thanks for the clarification around using I don't know whether or not form posts is a good feature for this library... |
|
We've wanted something like it for a while, since otherwise you cannot post e.g. a file and its name together, but you have to do it in two separate calls. Good to know you have it working! |
|
If we check the referrer + the user's browser isn't vulnerable to spoofing the referrer, it should be safe right? |
|
The problem with referrer checking is that often you get no referrer. |
|
Ah, yes - it would indeed be good to be able to include other information along with the data. :) |
|
Hi again, everyone! I'm now reaching a point where it looks like I will need to somehow get a file delivered using the multipart/form-data encoding. Has there been any progress on this? Cheers! |
|
No, we haven't worked on this at all. If you want to work on this, it would probably be best to discuss your needs and the design here, I think. |
When uploading files, the ByteString looks to include the complete request, including headers and whatnot. The ByteString will look something like this:
This surprised me a bit - I thought I would be getting the uploaded file's content.
I uploaded the file like so:
How would a user go about extracting the actual file?
Might be related to #68 and #102.
Thanks!
The text was updated successfully, but these errors were encountered: