trentuna/candle-annotator
8
0
Fork 0
Code Issues Pull requests Releases Packages Activity Actions

feat: add file type validation to upload endpoint

Browse source 
- Validate filename ends with .csv (case-insensitive)
- Validate MIME type is text/* or application/csv or text/csv
- Return HTTP 400 with error message if validation fails
- Mark task 2.4 as complete
This commit is contained in:
Marko Djordjevic 2026-02-18 11:01:28 +01:00
parent 0e239dc3da
commit 94bc5768d1
2 changed files with 19 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

18
src/app/api/upload/route.ts
View file

@ -36,6 +36,24 @@ export async function POST(request: NextRequest): Promise<NextResponse> {
);
}
// Validate file type
const fileName = file.name.toLowerCase();
if (!fileName.endsWith('.csv')) {
return NextResponse.json(
{ error: 'Invalid file type. Only CSV files are accepted.' },
{ status: 400 }
);
}
const mimeType = file.type;
const isValidMimeType = mimeType.startsWith('text/') || mimeType === 'application/csv' || mimeType === 'text/csv';
if (!isValidMimeType) {
return NextResponse.json(
{ error: 'Invalid file type. Only CSV files are accepted.' },
{ status: 400 }
);
}
const MAX_FILE_SIZE = 10 * 1024 * 1024; // 10MB
if (file.size > MAX_FILE_SIZE) {
return NextResponse.json(