add a file blacklist and add robots.txt

Fixes #26
This commit is contained in:
mutantmonkey 2015-10-04 18:12:19 -07:00
parent b96ee60c4c
commit ad9d712a3a
3 changed files with 16 additions and 0 deletions

View File

@ -108,6 +108,7 @@ func setup() {
goji.Get("/static/*", staticHandler) goji.Get("/static/*", staticHandler)
goji.Get("/favicon.ico", staticHandler) goji.Get("/favicon.ico", staticHandler)
goji.Get("/robots.txt", staticHandler)
goji.Get(nameRe, fileDisplayHandler) goji.Get(nameRe, fileDisplayHandler)
goji.Get(selifRe, fileServeHandler) goji.Get(selifRe, fileServeHandler)
goji.Get(selifIndexRe, unauthorizedHandler) goji.Get(selifIndexRe, unauthorizedHandler)

3
static/robots.txt Normal file
View File

@ -0,0 +1,3 @@
User-agent: *
Allow: /$
Disallow: *

View File

@ -20,6 +20,14 @@ import (
"github.com/zenazn/goji/web" "github.com/zenazn/goji/web"
) )
var fileBlacklist = map[string]bool{
"favicon.ico": true,
"index.htm": true,
"index.html": true,
"index.php": true,
"robots.txt": true,
}
// Describes metadata directly from the user request // Describes metadata directly from the user request
type UploadRequest struct { type UploadRequest struct {
src io.Reader src io.Reader
@ -227,6 +235,10 @@ func processUpload(upReq UploadRequest) (upload Upload, err error) {
fileexists = err == nil fileexists = err == nil
} }
if fileBlacklist[strings.ToLower(upload.Filename)] {
return upload, errors.New("Prohibited filename")
}
dst, err := os.Create(path.Join(Config.filesDir, upload.Filename)) dst, err := os.Create(path.Join(Config.filesDir, upload.Filename))
if err != nil { if err != nil {
return return