laantungir/blossom
1
0
Fork 0
mirror of https://github.com/hzrd149/blossom.git synced 2025-12-10 15:38:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
381edc3777dc89a69f9fa0191b74a7fb35ac0eaa
blossom/buds/06.md
quentintaranpino 86d8da4870 upload authorization. More examples, fix some typo
2024-09-12 09:35:07 +02:00

77 lines
2.6 KiB
Markdown
Raw Blame History

BUD-06
======
Upload requirements
---------------
`draft` `optional`
Defines how clients can verify if the upload can be completed before sending the blob to the server. This mechanism helps prevent unnecessary traffic to other endpoints by rejecting files based on their hash, size, MIME type or other server-specific requirements.
## HEAD /upload - Upload requirements
The `HEAD /upload` endpoint `MUST` use the `Content-Digest`, `X-Content-Type` and `X-Content-Length` headers sent by client to get the SHA-256 hash, MIME type and size of the blob that will be uploaded, returning a HTTP status code and a custom header `X-Upload-Message` to indicate some human readable message about the upload requirements.
### Headers
- `Content-Digest`: A string formatted as `sha-256=:<base64digest>:`, where `<base64digest>` is the base64-encoded SHA-256 hash of the blob.
- `X-Content-Length`: An integer that represents the blob size in bytes.
- `X-Content-Type`: A string that specifies the fblobile's MIME type, like `application/pdf` or `image/png`.
- `X-Upload-Message`: A human readable message that explains the reason why the upload cannot proceed.
### Upload Authorization
The `HEAD /upload` endpoint MAY accept an `upload` authorization event using the `Authorization` header similar to what is used in the [`PUT /upload`](./02.md#upload-authorization-required) endpoint
If the server requires authorization to upload it may respond with the `401` status code, or if authorization was provided and is invalid or not permitted it may respond with `403` status code
### Examples
Example request from the client:
```http
X-Content-Type: application/pdf
X-Content-Length: 184292
Content-Digest: SHA-256=:88a74d0b866c8ba79251a11fe5ac807839226870e77355f02eaf68b156522576:
```
Example response from the server if the upload can be done:
```http
HTTP/1.1 200 OK
```
If the upload cannot proceed, the server `MUST` return an appropriate `4xx` HTTP status code and a custom header `X-Upload-Message` with a human readable error message.
Some examples of error messages:
```http
HTTP/1.1 400 Bad Request
X-Upload-Message: Invalid Content-Digest header format. Expected format: sha-256=:<hash>:
```
```http
HTTP/1.1 401 Unauthorized
X-Upload-Message: Authorization required for uploading video files
```
```http
HTTP/1.1 401 Forbidden
X-Upload-Message: Account banned
```
```http
HTTP/1.1 411 Length Required
X-Upload-Message: Missing Content-Length or X-Content-Length headers
```
```http
HTTP/1.1 413 Content Too Large
X-Upload-Message: File too large. Max allowed size is 100MB
```
```http
HTTP/1.1 415 Unsupported Media Type
X-Upload-Message: Unsupported file type.
```
Reference in New Issue View Git Blame Copy Permalink