Implement hotlink protection
This commit is contained in:
parent
02f86da3c7
commit
22818d86ce
|
@ -4,6 +4,7 @@ import (
|
|||
"net/http"
|
||||
"os"
|
||||
"path"
|
||||
"strings"
|
||||
|
||||
"github.com/zenazn/goji/web"
|
||||
)
|
||||
|
@ -17,6 +18,14 @@ func fileServeHandler(c web.C, w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
if !Config.allowHotlink {
|
||||
referer := r.Header.Get("Referer")
|
||||
if referer != "" && !strings.HasPrefix(referer, Config.siteURL) {
|
||||
w.WriteHeader(403)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
http.ServeFile(w, r, filePath)
|
||||
}
|
||||
|
||||
|
|
|
@ -20,6 +20,7 @@ var Config struct {
|
|||
filesDir string
|
||||
metaDir string
|
||||
noLogs bool
|
||||
allowHotlink bool
|
||||
siteName string
|
||||
siteURL string
|
||||
}
|
||||
|
@ -95,6 +96,8 @@ func main() {
|
|||
"path to metadata directory")
|
||||
flag.BoolVar(&Config.noLogs, "nologs", false,
|
||||
"remove stdout output for each request")
|
||||
flag.BoolVar(&Config.allowHotlink, "allowhotlink", false,
|
||||
"Allow hotlinking of files")
|
||||
flag.StringVar(&Config.siteName, "sitename", "linx",
|
||||
"name of the site")
|
||||
flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/",
|
||||
|
|
Loading…
Reference in New Issue