Missing content-length header on uploaded files #77

New Issue

alex · 2024-01-10T19:57:52Z

alex commented

2024-01-10 19:57:52 +00:00

I'm still having problems with #68. Eg NVK's profile still broken: https://gleasonator.com/@e88a691e98d9987c964521dff60025f60700378a4879180dcbbb4a5027850411@mostr.pub

I think it's due to not having a content-length header on GET/HEAD response for uploaded files. I commented out some code that checks for it, and I thought the problem was resolved. But I uncommented it, and a day later the cache expired and it broke again. So I believe content-length is also required.

I've thought about whether I can rework my media proxy to not care about this header. But I think it makes sense to check the content-length. Then people can enforce a filesize limit on remote files (Nostr clients can do this, too, and probably should), and if the file exceeds the limit while streaming it you can disconnect. So, it would be good to have either way, and most servers do provide it.

Current behavior:

curl -I https://void.cat/d/MreaerC65YkE8zeHvVv6XM.webp

HTTP/2 200 
date: Wed, 10 Jan 2024 19:27:08 GMT
content-type: image/webp
x-frame-options: SAMEORIGIN
content-disposition: inline; filename="IMG_2914.JPG"
strict-transport-security: max-age=15724800; includeSubDomains

Desired outcome:

curl -I https://void.cat/d/MreaerC65YkE8zeHvVv6XM.webp

HTTP/2 200 
...
content-length: 175146
...

I'm still having problems with #68. Eg NVK's profile still broken: https://gleasonator.com/@e88a691e98d9987c964521dff60025f60700378a4879180dcbbb4a5027850411@mostr.pub I think it's due to not having a `content-length` header on GET/HEAD response for uploaded files. I commented out some code that checks for it, and I thought the problem was resolved. But I uncommented it, and a day later the cache expired and it broke again. So I believe `content-length` is also required. I've thought about whether I can rework my media proxy to not care about this header. But I think it makes sense to check the `content-length`. Then people can enforce a filesize limit on remote files (Nostr clients can do this, too, and probably should), and if the file exceeds the limit while streaming it you can disconnect. So, it would be good to have either way, and most servers do provide it. Current behavior: ```sh curl -I https://void.cat/d/MreaerC65YkE8zeHvVv6XM.webp HTTP/2 200 date: Wed, 10 Jan 2024 19:27:08 GMT content-type: image/webp x-frame-options: SAMEORIGIN content-disposition: inline; filename="IMG_2914.JPG" strict-transport-security: max-age=15724800; includeSubDomains ``` Desired outcome: ```sh curl -I https://void.cat/d/MreaerC65YkE8zeHvVv6XM.webp HTTP/2 200 ... content-length: 175146 ... ```

Kieran referenced this issue from a commit

2024-01-10 22:57:33 +00:00

fixes #77

Kieran closed this issue

2024-01-10 22:57:33 +00:00

Kieran commented

2024-01-10 23:01:31 +00:00

kieran@Kierans-MacBook-Pro ~ % curl -I https://void.cat/d/MreaerC65YkE8zeHvVv6XM.webp
HTTP/2 200 
date: Wed, 10 Jan 2024 23:01:05 GMT
content-type: image/webp
content-length: 175146
x-frame-options: SAMEORIGIN
content-disposition: inline; filename="IMG_2914.JPG"
strict-transport-security: max-age=15724800; includeSubDomains

```bash kieran@Kierans-MacBook-Pro ~ % curl -I https://void.cat/d/MreaerC65YkE8zeHvVv6XM.webp HTTP/2 200 date: Wed, 10 Jan 2024 23:01:05 GMT content-type: image/webp content-length: 175146 x-frame-options: SAMEORIGIN content-disposition: inline; filename="IMG_2914.JPG" strict-transport-security: max-age=15724800; includeSubDomains ```

Sign in to join this conversation.