Remove client MIME type parameter from Upload

- Fix: Always detect MIME type server-side from file content instead of
  trusting or forwarding the client-supplied value.
This commit is contained in:
2026-06-24 20:27:22 +08:00
parent be4fcad605
commit a78d43b166
3 changed files with 34 additions and 35 deletions
+4 -2
View File
@@ -4,6 +4,7 @@ import (
"errors"
"fmt"
"io"
"mime"
"net/http"
"net/url"
"strconv"
@@ -44,7 +45,8 @@ func (h *FileHandler) Upload(c *gin.Context) {
contentType := c.GetHeader("Content-Type")
// Directory creation via JSON.
if len(contentType) >= 16 && contentType[:16] == "application/json" {
mediaType, _, _ := mime.ParseMediaType(contentType)
if mediaType == "application/json" {
var req createDirRequest
if err := c.ShouldBindJSON(&req); err != nil {
api.Error(c, http.StatusBadRequest, "invalid request: "+err.Error())
@@ -86,7 +88,7 @@ func (h *FileHandler) Upload(c *gin.Context) {
}
defer file.Close()
info, err := h.fileService.Upload(c.Request.Context(), userID, parentID, header.Filename, file, header.Header.Get("Content-Type"))
info, err := h.fileService.Upload(c.Request.Context(), userID, parentID, header.Filename, file)
if err != nil {
api.Error(c, mapError(err), err.Error())
return