From 4dd38446807360d1e96416ec2eac50077fd914f1 Mon Sep 17 00:00:00 2001 From: psychobunny Date: Sun, 18 Apr 2021 20:31:08 -0400 Subject: [PATCH] fix: logic is hard --- src/middleware/uploads.js | 3 ++- test/uploads.js | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/src/middleware/uploads.js b/src/middleware/uploads.js index 8da5dfdf7a..cfee3938c2 100644 --- a/src/middleware/uploads.js +++ b/src/middleware/uploads.js @@ -17,7 +17,8 @@ module.exports = function (middleware) { } const count = (cache.peek(`${req.ip}:uploaded_file_count`) || 0) + req.files.files.length; - if (count > meta.config.uploadRateLimitThreshold) { + + if (count >= meta.config.uploadRateLimitThreshold) { return next(new Error(['[[error:upload-ratelimit-reached]]'])); } diff --git a/test/uploads.js b/test/uploads.js index af99c2090f..ae3fe3de6a 100644 --- a/test/uploads.js +++ b/test/uploads.js @@ -83,8 +83,9 @@ describe('Upload Controllers', () => { // why / 2? see: helpers.uploadFile for a weird quirk where we actually upload 2 files per upload in our tests. async.timesSeries(meta.config.uploadRateLimitThreshold / 2, (i, next) => { helpers.uploadFile(`${nconf.get('url')}/api/post/upload`, path.join(__dirname, '../test/files/503.html'), {}, jar, csrf_token, (err, res, body) => { - console.log('limit upload', i, res.statusCode, meta.config.uploadRateLimitThreshold, Date.now()); - if (i + 1 > meta.config.uploadRateLimitThreshold / 2) { + console.log('limit upload', i, res.statusCode, meta.config.uploadRateLimitThreshold, i + 1 > meta.config.uploadRateLimitThreshold / 2, Date.now()); + + if (i + 1 >= meta.config.uploadRateLimitThreshold / 2) { assert.strictEqual(res.statusCode, 500); assert.strictEqual(body.error, '[[error:upload-ratelimit-reached]]'); } else {