From 6736b9e00e2934d27b86134aefd3fdfed4d90a78 Mon Sep 17 00:00:00 2001
From: David Glueck <106271130+daglueck@users.noreply.github.com>
Date: Thu, 12 Oct 2023 14:24:59 +0200
Subject: [PATCH 1/2] add csv max filesize check

---
 invenio_previewer/extensions/csv_papaparsejs.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/invenio_previewer/extensions/csv_papaparsejs.py b/invenio_previewer/extensions/csv_papaparsejs.py
index fe0b6be..4d81409 100644
--- a/invenio_previewer/extensions/csv_papaparsejs.py
+++ b/invenio_previewer/extensions/csv_papaparsejs.py
@@ -17,7 +17,14 @@
 
 def can_preview(file):
     """Determine if the given file can be previewed."""
-    return file.is_local() and file.has_extensions(".csv", ".dsv")
+    max_file_size = current_app.config.get(
+        "PREVIEWER_MAX_FILE_SIZE_BYTES", 1 * 1024 * 1024
+    )
+    return (
+        file.is_local()
+        and file.has_extensions(".csv", ".dsv")
+        and file.size <= max_file_size
+    )
 
 
 def preview(file):

From 94aaf1fa7243cfde1fcf313c06363da45398bfb8 Mon Sep 17 00:00:00 2001
From: David Glueck <106271130+daglueck@users.noreply.github.com>
Date: Thu, 21 Dec 2023 15:06:48 +0100
Subject: [PATCH 2/2] add validation function and increase max file size

---
 invenio_previewer/config.py                     |  5 ++++-
 invenio_previewer/extensions/csv_papaparsejs.py | 17 +++++++++--------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/invenio_previewer/config.py b/invenio_previewer/config.py
index 0790b0d..e71c6bb 100644
--- a/invenio_previewer/config.py
+++ b/invenio_previewer/config.py
@@ -21,7 +21,7 @@
 """Confidence threshold for character encoding detection by `cchardet`."""
 
 PREVIEWER_MAX_FILE_SIZE_BYTES = 1 * 1024 * 1024
-"""Maximum file size in bytes for JSON/XML/CSV files."""
+"""Maximum file size in bytes for JSON/XML files."""
 
 PREVIEWER_MAX_IMAGE_SIZE_BYTES = 0.5 * 1024 * 1024
 """Maximum file size in bytes for image files."""
@@ -29,6 +29,9 @@
 PREVIEWER_TXT_MAX_BYTES = 1 * 1024 * 1024
 """Maximum number of .txt file bytes to preview before truncated."""
 
+PREVIEWER_CSV_MAX_BYTES = 100 * 1024 * 1024
+"""Maximum file size in bytes for CSV files."""
+
 PREVIEWER_ZIP_MAX_FILES = 1000
 """Max number of files showed in the ZIP previewer."""
 
diff --git a/invenio_previewer/extensions/csv_papaparsejs.py b/invenio_previewer/extensions/csv_papaparsejs.py
index 4d81409..57b1650 100644
--- a/invenio_previewer/extensions/csv_papaparsejs.py
+++ b/invenio_previewer/extensions/csv_papaparsejs.py
@@ -14,17 +14,18 @@
 
 previewable_extensions = ["csv", "dsv"]
 
+def validate_csv(file):
+    """Validate a CSV file."""
+    max_file_size = current_app.config.get(
+        "PREVIEWER_CSV_MAX_BYTES", 100 * 1024 * 1024
+    )
+    if file.size > max_file_size:
+        return False
+    return True
 
 def can_preview(file):
     """Determine if the given file can be previewed."""
-    max_file_size = current_app.config.get(
-        "PREVIEWER_MAX_FILE_SIZE_BYTES", 1 * 1024 * 1024
-    )
-    return (
-        file.is_local()
-        and file.has_extensions(".csv", ".dsv")
-        and file.size <= max_file_size
-    )
+    return file.is_local() and file.has_extensions(".csv", ".dsv") and validate_csv(file)
 
 
 def preview(file):