possibility to restrict upload

[hpvd]

possibility to restrict upload form same client in an easy way

for

• usability (make user know what is expected),
• load handling and
• security reasons

possible restrictions:

• allowed filetypes (whitelist)
• max number of file size (each) - if already know at start of upload
• max number of files simultaneously

and maybe also

• max number of files within a defined period (e.g. 10 per hour)
• parts of filename: blacklisted words and unwanted characters like " ", "ü"...
  (not that user-friendly but sometimes necessary because of system restrictions...)
• min number of file size (each)
  e.g. for first instance image quality check (no one wants to print a 1kb jpeg) and of course for security (no upload of tiny scripts is need)

give always a message why upload is not working anymore

[hpvd]

maybe also blacklisting filetypes may find it's use cases... e.g. only exclude files possibly harming security

[hpvd]

in a second step, some kind of simple wildcard concept for filetypes and filename check
could be worth to think about

[hpvd]

just opend an extra issue for the topic "security" #86

[hpvd]

when making a basic function of this (as first step)
which make it possible to only allow some special filetypes to be accepted for upload
one need

• a place to show which filetypes are allowed (could be only 1 or 20 types)
• some kind of "refusing message"

in addition

• one can set up a "prefilter" e.g. for upload from local, that only the allowed filetypes are shown in file selection window...

[hpvd]

btw:
are there any plans to integrate a least a basic function of this (only restrict filetypes)?
Couldn't find anything within planning changelog...

[hpvd]

how to setup a perfilter in upload (click local button in uppy), is described here in a gerat way
http://stackoverflow.com/a/23706177

[hpvd]

already mentioned but best fits in this place:

that restricting filetype is probably important for many people could be easily proofed by a short google search for
upload restrict filetype
direct: https://www.google.de/#q=upload+restrict+filetype
=> there are about 400.000 results talking about this topic

[hpvd]

for
file upload restrict number of files
direct: https://www.google.de/#q=file+upload+restrict+number+of+files
=> there are about 6.600.000 results

[kvz]

Please don't feel the need to paste the same thing in multiple tickets, in addition to referencing this one in many other tickets :) we appreciate the feedback but we're trying to keep the conversation focused. Know that we read and consider everything, so really no need to add more of the same 👍

There are also millions of results for: 'playing the violin in the dark ages on a plane'. Which I don't believe is an indication for millions of people wanting that. I do agree adding some basic check will be nice to have. I disagree that rate limiting and the likes belong in the client.

[arturi]

Related / duplicate: #164

[arturi]

Added in 0.17, closing in favor of #164. Thank you!