various fixes (#36697)

fixes bad address concat causing malformed address Introduces new config options to for release attachments and number of files to avoid sharing limits for PR/issue attachments and release ones Fixes: https://github.com/go-gitea/gitea/issues/31638 Fixes: https://github.com/go-gitea/gitea/issues/35812 Doc update: https://gitea.com/gitea/docs/pulls/348 Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2026-03-12 23:31:20 +01:00 · 2026-02-22 08:01:43 +01:00 · 2026-02-22 08:01:43 +01:00 · eb59b1a24a
commit eb59b1a24a
parent bb41bca739
9 changed files with 32 additions and 17 deletions
--- a/cmd/web_acme.go
+++ b/cmd/web_acme.go
@ -7,6 +7,7 @@ import (
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
+	"net"
 	"net/http"
 	"os"
 	"strconv"
@ -124,8 +125,8 @@ func runACME(listenAddr string, m http.Handler) error {
 			defer finished()

 			log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect)
-			// all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
-			err := runHTTP("tcp", setting.HTTPAddr+":"+setting.PortToRedirect, "Let's Encrypt HTTP Challenge", myACME.HTTPChallengeHandler(http.HandlerFunc(runLetsEncryptFallbackHandler)), setting.RedirectorUseProxyProtocol)
+			// all traffic coming into HTTP will be redirected to HTTPS automatically (LE HTTP-01 validation happens here)
+			err := runHTTP("tcp", net.JoinHostPort(setting.HTTPAddr, setting.PortToRedirect), "Let's Encrypt HTTP Challenge", myACME.HTTPChallengeHandler(http.HandlerFunc(runLetsEncryptFallbackHandler)), setting.RedirectorUseProxyProtocol)
 			if err != nil {
 				log.Fatal("Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
 			}
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@ -1180,7 +1180,15 @@ LEVEL = Info
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
 ;ALLOWED_TYPES =
+;;
+;; Number of releases that are displayed on release page
 ;DEFAULT_PAGING_NUM = 10
+;;
+;; Max size of each file in megabytes. Defaults to 2GB
+;FILE_MAX_SIZE = 2048
+;;
+;; Max number of files per upload. Defaults to 5
+;MAX_FILES =  5

 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@ -1995,8 +2003,8 @@ LEVEL = Info
 ;; Comma-separated list of allowed file extensions (`.zip`), mime types (`text/plain`) or wildcard type (`image/*`, `audio/*`, `video/*`). Empty value or `*/*` allows all types.
 ;ALLOWED_TYPES = .avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.webp,.xls,.xlsx,.zip
 ;;
-;; Max size of each file. Defaults to 2048MB
-;MAX_SIZE = 2048
+;; Max size of each file. Defaults to 100MB
+;MAX_SIZE = 100
 ;;
 ;; Max number of files per upload. Defaults to 5
 ;MAX_FILES = 5
--- a/modules/setting/attachment.go
+++ b/modules/setting/attachment.go
@ -16,13 +16,9 @@ var Attachment AttachmentSettingType
 func loadAttachmentFrom(rootCfg ConfigProvider) (err error) {
 	Attachment = AttachmentSettingType{
 		AllowedTypes: ".avif,.cpuprofile,.csv,.dmp,.docx,.fodg,.fodp,.fods,.fodt,.gif,.gz,.jpeg,.jpg,.json,.jsonc,.log,.md,.mov,.mp4,.odf,.odg,.odp,.ods,.odt,.patch,.pdf,.png,.pptx,.svg,.tgz,.txt,.webm,.webp,.xls,.xlsx,.zip",
-
-		// FIXME: this size is used for both "issue attachment" and "release attachment"
-		// The design is not right, these two should be different settings
-		MaxSize: 2048,
-
-		MaxFiles: 5,
-		Enabled:  true,
+		MaxSize:      100,
+		MaxFiles:     5,
+		Enabled:      true,
 	}
 	sec, _ := rootCfg.GetSection("attachment")
 	if sec == nil {
--- a/modules/setting/repository.go
+++ b/modules/setting/repository.go
@ -100,6 +100,8 @@ var (
 		Release struct {
 			AllowedTypes     string
 			DefaultPagingNum int
+			FileMaxSize      int64
+			MaxFiles         int64
 		} `ini:"repository.release"`

 		Signing struct {
@ -241,9 +243,13 @@ var (
 		Release: struct {
 			AllowedTypes     string
 			DefaultPagingNum int
+			FileMaxSize      int64
+			MaxFiles         int64
 		}{
 			AllowedTypes:     "",
 			DefaultPagingNum: 10,
+			FileMaxSize:      2048,
+			MaxFiles:         5,
 		},

 		// Signing settings
--- a/routers/api/v1/repo/release_attachment.go
+++ b/routers/api/v1/repo/release_attachment.go
@ -234,7 +234,7 @@ func CreateReleaseAttachment(ctx *context.APIContext) {
 	}

 	// Create a new attachment and save the file
-	attach, err := attachment_service.UploadAttachmentGeneralSizeLimit(ctx, uploaderFile, setting.Repository.Release.AllowedTypes, &repo_model.Attachment{
+	attach, err := attachment_service.UploadAttachmentReleaseSizeLimit(ctx, uploaderFile, setting.Repository.Release.AllowedTypes, &repo_model.Attachment{
 		Name:       filename,
 		UploaderID: ctx.Doer.ID,
 		RepoID:     ctx.Repo.Repository.ID,
--- a/routers/web/repo/attachment.go
+++ b/routers/web/repo/attachment.go
@ -46,7 +46,7 @@ func uploadAttachment(ctx *context.Context, repoID int64, allowedTypes string) {
 	defer file.Close()

 	uploaderFile := attachment.NewLimitedUploaderKnownSize(file, header.Size)
-	attach, err := attachment.UploadAttachmentGeneralSizeLimit(ctx, uploaderFile, allowedTypes, &repo_model.Attachment{
+	attach, err := attachment.UploadAttachmentReleaseSizeLimit(ctx, uploaderFile, allowedTypes, &repo_model.Attachment{
 		Name:       header.Filename,
 		UploaderID: ctx.Doer.ID,
 		RepoID:     repoID,
@ -56,7 +56,7 @@ func uploadAttachment(ctx *context.Context, repoID int64, allowedTypes string) {
 			ctx.HTTPError(http.StatusBadRequest, err.Error())
 			return
 		}
-		ctx.ServerError("UploadAttachmentGeneralSizeLimit", err)
+		ctx.ServerError("UploadAttachmentReleaseSizeLimit", err)
 		return
 	}

--- a/services/attachment/attachment.go
+++ b/services/attachment/attachment.go
@ -58,6 +58,10 @@ func UploadAttachmentGeneralSizeLimit(ctx context.Context, file *UploaderFile, a
 	return uploadAttachment(ctx, file, allowedTypes, setting.Attachment.MaxSize<<20, attach)
 }

+func UploadAttachmentReleaseSizeLimit(ctx context.Context, file *UploaderFile, allowedTypes string, attach *repo_model.Attachment) (*repo_model.Attachment, error) {
+	return uploadAttachment(ctx, file, allowedTypes, setting.Repository.Release.FileMaxSize<<20, attach)
+}
+
 func uploadAttachment(ctx context.Context, file *UploaderFile, allowedTypes string, maxFileSize int64, attach *repo_model.Attachment) (*repo_model.Attachment, error) {
 	src := file.rd
 	if file.size < 0 {
--- a/services/context/upload/upload.go
+++ b/services/context/upload/upload.go
@ -95,8 +95,8 @@ func AddUploadContext(ctx *context.Context, uploadType string) {
 		ctx.Data["UploadRemoveUrl"] = ctx.Repo.RepoLink + "/releases/attachments/remove"
 		ctx.Data["UploadLinkUrl"] = ctx.Repo.RepoLink + "/releases/attachments"
 		ctx.Data["UploadAccepts"] = strings.ReplaceAll(setting.Repository.Release.AllowedTypes, "|", ",")
-		ctx.Data["UploadMaxFiles"] = setting.Attachment.MaxFiles
-		ctx.Data["UploadMaxSize"] = setting.Attachment.MaxSize
+		ctx.Data["UploadMaxFiles"] = setting.Repository.Release.MaxFiles
+		ctx.Data["UploadMaxSize"] = setting.Repository.Release.FileMaxSize
 	case "comment":
 		ctx.Data["UploadUrl"] = ctx.Repo.RepoLink + "/issues/attachments"
 		ctx.Data["UploadRemoveUrl"] = ctx.Repo.RepoLink + "/issues/attachments/remove"
--- a/tests/integration/api_releases_test.go
+++ b/tests/integration/api_releases_test.go
@ -335,7 +335,7 @@ func TestAPIDeleteReleaseByTagName(t *testing.T) {

 func TestAPIUploadAssetRelease(t *testing.T) {
 	defer tests.PrepareTestEnv(t)()
-	defer test.MockVariableValue(&setting.Attachment.MaxSize, 1)()
+	defer test.MockVariableValue(&setting.Repository.Release.FileMaxSize, 1)()

 	repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
 	owner := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: repo.OwnerID})