Fix authenticated media flows and upload preflight handling
This commit is contained in:
@@ -9,4 +9,4 @@ This directory contains technical documentation for DMS.
|
||||
- `api-contract.md` - API endpoint contract grouped by route module, including token auth roles, upload limits, and settings or processing-log security constraints
|
||||
- `data-model-reference.md` - database entity definitions and lifecycle states
|
||||
- `operations-and-configuration.md` - runtime operations, hardened compose defaults, security environment variables, and persisted settings configuration and read-sanitization behavior
|
||||
- `frontend-design-foundation.md` - frontend visual system, tokens, UI implementation rules, processing-log timeline behavior, and settings helper-copy guidance
|
||||
- `frontend-design-foundation.md` - frontend visual system, tokens, UI implementation rules, authenticated media delivery under API token auth, processing-log timeline behavior, and settings helper-copy guidance
|
||||
|
||||
@@ -89,7 +89,8 @@ Primary implementation modules:
|
||||
- `ask`: returns `conflicts` if duplicate checksum is detected
|
||||
- `replace`: creates new document linked to replaced document id
|
||||
- `duplicate`: creates additional document record
|
||||
- request rejected with `411` when `Content-Length` is missing
|
||||
- upload `POST` request rejected with `411` when `Content-Length` is missing
|
||||
- `OPTIONS /documents/upload` CORS preflight bypasses upload `Content-Length` enforcement
|
||||
- request rejected with `413` when file count, per-file size, or total request size exceeds configured limits
|
||||
|
||||
## Search
|
||||
|
||||
@@ -49,6 +49,13 @@ Do not hardcode new palette or spacing values in component styles when a token a
|
||||
- Do not render queued headers before their animation starts, even when polling returns batched updates.
|
||||
- Preserve existing header content format and fold/unfold detail behavior as lines are revealed.
|
||||
|
||||
## Authenticated Media Delivery
|
||||
|
||||
- Document previews and thumbnails must load through authenticated fetch flows in `frontend/src/lib/api.ts`, then render via temporary object URLs.
|
||||
- Direct `window.open` calls for protected media endpoints are not allowed because browser navigation requests do not include the API token header.
|
||||
- Download actions for original files and markdown exports must use authenticated blob fetches plus controlled browser download triggers.
|
||||
- Revoke all temporary object URLs after replacement, unmount, or completion to prevent browser memory leaks.
|
||||
|
||||
## Extension Checklist
|
||||
|
||||
When adding or redesigning a UI area:
|
||||
|
||||
@@ -149,7 +149,8 @@ Retention settings are used by worker cleanup and by `POST /api/v1/processing/lo
|
||||
- scheme restrictions (`https` by default)
|
||||
- local/private-network blocking and per-request DNS revalidation checks for outbound runtime calls
|
||||
- Upload and archive safety guards are enforced:
|
||||
- multipart upload requires `Content-Length` and enforces file-count, per-file size, and total request size limits
|
||||
- `POST /api/v1/documents/upload` requires `Content-Length` and enforces file-count, per-file size, and total request size limits
|
||||
- `OPTIONS /api/v1/documents/upload` CORS preflight is excluded from `Content-Length` enforcement
|
||||
- ZIP member count, per-member uncompressed size, total decompressed size, and compression-ratio guards
|
||||
- Processing logs redact sensitive payload and text fields, and trim endpoints enforce retention caps from runtime config.
|
||||
- Compose hardening defaults:
|
||||
|
||||
Reference in New Issue
Block a user