How to validate large size of zip file or not without using multipart using UploadFile in Fast API [duplicate]

Question

I want to upload a large ZIP file using FastAPI. I need to validate whether the uploaded file is a ZIP file before proceeding. While using the UploadFile class in FastAPI to handle file uploads, I want to first check if the file is indeed a ZIP file. If it is, then I will upload it. If it's not a ZIP file, I want to return an error message stating that the file is not a ZIP file, without fully processing the multipart upload of the large file.

from fastapi.responses import HTMLResponse
import os

app = FastAPI()

UPLOAD_FOLDER = 'uploads/'
ALLOWED_EXTENSIONS = {'csv'}

if not os.path.exists(UPLOAD_FOLDER):
    os.makedirs(UPLOAD_FOLDER)

def allowed_file(filename: str) -> bool:
    return '.' in filename and filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS

@app.post("/uploadfile/")
async def upload_file(file: UploadFile = File(...)):
    if not allowed_file(file.filename):
        raise HTTPException(status_code=400, detail="Invalid file type. Only CSV files are allowed.")
    
    file_location = os.path.join(UPLOAD_FOLDER, file.filename)
    with open(file_location, "wb") as buffer:
        buffer.write(await file.read())

    return {"info": f"File '{file.filename}' uploaded successfully"}

Check if these posts help: stackoverflow.com/questions/4328947/… and stackoverflow.com/questions/4328947/… — Rafael Marques
– Rafael Marques, Commented May 27, 2024 at 19:35
Another option is to read the first n bytes of the file and verify that it's a zip file (starts with PKZIP...) before uploading it: stackoverflow.com/questions/61921638/… - to handle it in FastAPI, see stackoverflow.com/questions/73442335/… for a middleware. — MatsLindh
– MatsLindh, Commented May 27, 2024 at 21:21
Thanks for helping me. But I want to upload without mutltipart/form data using Upload a file using python — Tejaswini Jadhav
– Tejaswini Jadhav, Commented May 30, 2024 at 10:17
I would suggest having a look at this answer and this answer as well. — Chris
– Chris, Commented May 30, 2024 at 10:44

Mark Adler · Accepted Answer · 2024-05-28 15:28:22Z

1

If you can load just the first four bytes, then check if they are 0x50, 0x4b, 0x03, 0x04. If they are, it is very likely a zip file. If not, it is very likely not.

An empty zip file will start with 0x50 0x4b 0x05 0x06. The specification also provides for spanned/split archives whose pieces can start with 0x50 0x4b 0x07 0x08 or 0x50 0x4b 0x30 0x30, though I have never seen such a beast in the wild. Your unzipper probably can't process them anyway.

Just checking the first two bytes for 0x50 0x4b ("PK") would be too weak of a filter.

answered May 28, 2024 at 15:28

Mark Adler

115k15 gold badges137 silver badges183 bronze badges

Sign up to request clarification or add additional context in comments.

1 Comment

Tejaswini Jadhav Over a year ago

Could be please give me example?

Collectives™ on Stack Overflow

How to validate large size of zip file or not without using multipart using UploadFile in Fast API [duplicate]

1 Answer 1

1 Comment

Linked

Hot Network Questions

Collectives™ on Stack Overflow

1 Answer 1

1 Comment

Linked

Related