Commit 81c02f2e authored by Aral Balkan's avatar Aral Balkan
Browse files

Now returning name of the file as response. Mutler is only being added to the...

Now returning name of the file as response. Mutler is only being added to the /upload route (security enhancement). File name is a unique short hash.
parent 9d628efc
......@@ -2,17 +2,16 @@ express = require 'express'
multer = require 'multer'
fs = require 'fs'
moment = require 'moment'
shorthash = require 'shorthash'
app = express()
# We can remove this now that the Node app is serving the static assets also.
# app.all '*', (req, res, next) ->
# # Cross-Origin Resource Sharing (CORS) — courtesy http://enable-cors.org/server_expressjs.html
# res.header "Access-Control-Allow-Origin", "*"
# res.header "Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"
# next()
app.use multer {
#
# Use mutler only on the /upload URL
# (See https://github.com/expressjs/multer/issues/59)
# Also see: https://github.com/jpfluger/multer/blob/examples/multer-upload-files-to-different-directories.md
#
app.use '/upload', multer {
dest: './videos/'
limits:
......@@ -20,13 +19,17 @@ app.use multer {
fileSize: 50000000 # 50MB
rename: (fieldname, filename) ->
return (fieldname + '-' + moment().format().replace(/:/g, '_').replace(/\+/g, '_').replace(/-/g, '_') + '-' + filename).toLowerCase()
#
# Create a short hash of the unique name so that it is easier to type, etc.
# and isn’t intimidating when the user sees the URL for sharing.
#
return shorthash.unique(fieldname).toLowerCase()
onFileUploadStart: (file) ->
console.log file.fieldname + ' is about to start uploading…'
console.log file
# Do some security checks.
# Security checks.
fieldnameIsWrong = (file.fieldname != 'video-message')
mimetypeIsWrong = (/^video.*/.test(file.mimetype) == false)
......@@ -36,12 +39,42 @@ app.use multer {
}
#
# Serve static files from the /public folder.
#
app.use(express.static(__dirname + '/public'));
app.post '/upload', (request, response) ->
console.log 'POST /upload called.'
# console.dir(request.files)
# console.log request.files['video-message']['size']
console.dir(request.files)
# The URL of the video is the file name portion of the video name
# (sans the extension).
error = false
responseString = null
videoMessage = request.files['video-message']
if videoMessage
videoPath = videoMessage['name']
if videoPath
responseString = videoPath
else
error = true
else
error=true
if error
# Something went wrong and we didn’t get the
# upload we were looking for. This really
# shouldn’t happen.
response.status(500).send('Video upload failed.')
else
#
# OK, return the path of the video
#
response.end responseString
server = app.listen 3000, ->
console.log "Listening on port %d", server.address().port
\ No newline at end of file
console.log "Listening on port %d", server.address().port
......@@ -123,7 +123,7 @@ uploadItButton.addEventListener('click', function(evt) {
var xhr = new XMLHttpRequest();
xhr.open('post', 'http://192.168.0.95:3000/upload', true);
xhr.open('post', '/upload', true);
xhr.upload.addEventListener('loadstart', function(e) {
// When the request starts.
......@@ -200,6 +200,8 @@ uploadItButton.addEventListener('click', function(evt) {
if( this.readyState === 4 ) {
// the transfer has completed and the server closed the connection.
console.log('xhr readystatechange');
console.log('Received: ');
console.log(e.target.responseText);
}
});
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment