claw/flaskpaste
1
0
Fork 1
forked from username/flaskpaste
Code Pull Requests Activity

pastes: add display_name field

Browse Source 
Authenticated users can tag pastes with a human-readable label
via X-Display-Name header. Supports create, update, remove, and
listing. Max 128 chars, control characters rejected.
This commit is contained in:
Username
2026-02-24 12:55:44 +01:00
parent d44c9c66ab
commit 8ebabfe102
5 changed files with 295 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
documentation/api.md
View File

@@ -175,6 +175,7 @@ X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
"expires_at": "2024-12-25T10:30:00Z",
"burn_after_read": false,
"password_protected": false,
"display_name": "my notes",
"owner": "a1b2c3d4..."
}
],
@@ -280,6 +281,20 @@ X-Paste-Password: secretpassword
```http
POST / HTTP/1.1
Host: localhost:5000
Content-Type: text/plain
X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
X-Display-Name: project notes
```
**Response (201 Created):**
```json
{
"id": "abc12345",
"url": "/abc12345",
"raw": "/abc12345/raw",
"mime_type": "text/plain",
"created_at": 1700000000,
"owner": "a1b2c3...", // Only present if authenticated
"burn_after_read": true, // Only present if enabled
@@ -291,7 +306,8 @@ Password protected content
**Errors:**
| Code | Description |
|------|-------------|
|------|-------------|
| 400 | No content provided |
| 400 | Password too long (max 1024 chars) |
| 400 | Display name too long (max 128 chars) |
| 400 | Display name contains invalid characters |
@@ -300,6 +316,8 @@ Password protected content
| 400 | Paste too small (below minimum size) |
| 413 | Paste too large |
| 429 | Duplicate content rate limit exceeded |
| 429 | Rate limit exceeded (per-IP throttling) |
**Size Limits:**
- Minimum: disabled by default (`FLASKPASTE_MIN_SIZE`, e.g. 64 bytes for encryption enforcement)
- Anonymous: 3 MiB (configurable via `FLASKPASTE_MAX_ANON`)
@@ -427,6 +445,59 @@ Content-Disposition: inline
**Request:**
```http
PUT /abc12345 HTTP/1.1
Host: localhost:5000
X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
Content-Type: text/plain
```
**Headers:**
| Header | Description |
|--------|-------------|
| `X-Paste-Password` | Set or change paste password |
| `X-Remove-Password` | `true` to remove password protection |
| `X-Extend-Expiry` | Seconds to add to current expiry |
| `X-Display-Name` | Set or change display name (max 128 chars) |
| `X-Remove-Display-Name` | `true` to remove display name |
**Response (200 OK):**
```json
{
"id": "abc12345",
"size": 15,
"mime_type": "text/plain",
"expires_at": 1700086400,
"display_name": "my notes"
}
```
**Errors:**
| Code | Description |
|------|-------------|
| 400 | Invalid paste ID format |
| 400 | No updates provided |
| 400 | Cannot update burn-after-read paste |
| 400 | Display name too long (max 128 chars) |
| 400 | Display name contains invalid characters |
| 401 | Authentication required |
| 403 | Permission denied (not owner) |
| 404 | Paste not found |
**Notes:**
- Send content in the body to update paste content
- Use headers with empty body for metadata-only updates
- Display name only accepts printable characters (no control chars)
---
### DELETE /{id}
Delete a paste. Requires authentication and ownership (or admin rights).
**Request:**
```http
DELETE /abc12345 HTTP/1.1
Host: localhost:5000
X-SSL-Client-SHA1: a1b2c3d4e5f6a1b2c3d4e5f6a1b2c3d4e5f6a1b2
```