SavedFile

multipart_nickel::multipart_server

Struct SavedFile 

Source 
pub struct SavedFile {
    pub path: PathBuf,
    pub filename: Option<String>,
    pub content_type: Mime,
    pub size: u64,
}
Expand description

A file saved to the local filesystem from a multipart request.

Fields§

§path: PathBuf

The complete path this file was saved at.

§filename: Option<String>
§Warning: Client Provided / Untrustworthy

You should treat this value as untrustworthy because it is an arbitrary string provided by the client.

It is a serious security risk to create files or directories with paths based on user input. A malicious user could craft a path which can be used to overwrite important files, such as web templates, static assets, Javascript files, database files, configuration files, etc., if they are writable by the server process.

This can be mitigated somewhat by setting filesystem permissions as conservatively as possible and running the server under its own user with restricted permissions, but you should still not use user input directly as filesystem paths. If it is truly necessary, you should sanitize filenames such that they cannot be misinterpreted by the OS. Such functionality is outside the scope of this crate.

§content_type: Mime

The MIME type (Content-Type value) of this file, if supplied by the client, or "applicaton/octet-stream" otherwise.

§Note: Client Provided

Consider this value to be potentially untrustworthy, as it is provided by the client. It may be inaccurate or entirely wrong, depending on how the client determined it.

Some variants wrap arbitrary strings which could be abused by a malicious user if your application performs any non-idempotent operations based on their value, such as starting another program or querying/updating a database (web-search “SQL injection”).

§size: u64

The number of bytes written to the disk.

Trait Implementations§

Source§

impl Debug for SavedFile

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> Typeable for T
where T: Any,

Source§

fn get_type(&self) -> TypeId

Get the TypeId of this object.
Source§

impl<T> DebugAny for T
where T: Any + Debug,

Source§

impl<T> UnsafeAny for T
where T: Any,