Fix: Enforce 10MB upload limit for knowledge base with clear error handling (#1755)

* Initial plan * Set MAX_CONTENT_LENGTH to 10MB and add file size validation Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * Add custom error handler for 413 RequestEntityTooLarge Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * Refactor: Extract MAX_FILE_SIZE constant to avoid duplication Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * Fix file name extraction and add missing file validation Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * Apply file size validation to all upload endpoints consistently Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * Add frontend file size validation for knowledge base and plugin uploads Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * Remove file size validation from plugin uploads, keep only for knowledge base Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> * perf: ui --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: RockChinQ <45992437+RockChinQ@users.noreply.github.com> Co-authored-by: Junyan Qin <rockchinq@gmail.com>
2026-06-08 23:06:03 +00:00 · 2025-11-06 18:50:29 +08:00
parent 61bc6a1dc2
commit 68eb0290e0
8 changed files with 57 additions and 5 deletions
--- a/pkg/api/http/controller/main.py
+++ b/pkg/api/http/controller/main.py
@@ -5,6 +5,7 @@ import os

 import quart
 import quart_cors
+from werkzeug.exceptions import RequestEntityTooLarge

 from ....core import app, entities as core_entities
 from ....utils import importutil
@@ -35,7 +36,20 @@ class HTTPController:
        self.quart_app = quart.Quart(__name__)
        quart_cors.cors(self.quart_app, allow_origin='*')

+        # Set maximum content length to prevent large file uploads
+        self.quart_app.config['MAX_CONTENT_LENGTH'] = group.MAX_FILE_SIZE
+
    async def initialize(self) -> None:
+        # Register custom error handler for file size limit
+        @self.quart_app.errorhandler(RequestEntityTooLarge)
+        async def handle_request_entity_too_large(e):
+            return quart.jsonify(
+                {
+                    'code': 400,
+                    'msg': 'File size exceeds 10MB limit. Please split large files into smaller parts.',
+                }
+            ), 400
+
        await self.register_routes()

    async def run(self) -> None: