mutantmonkey
parent
b96ee60c4c
commit
ad9d712a3a
|
|
@ -108,6 +108,7 @@ func setup() {
|
|||
|
||||
goji.Get("/static/*", staticHandler)
|
||||
goji.Get("/favicon.ico", staticHandler)
|
||||
goji.Get("/robots.txt", staticHandler)
|
||||
goji.Get(nameRe, fileDisplayHandler)
|
||||
goji.Get(selifRe, fileServeHandler)
|
||||
goji.Get(selifIndexRe, unauthorizedHandler)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
User-agent: *
|
||||
Allow: /$
|
||||
Disallow: *
|
||||
12
upload.go
12
upload.go
|
|
@ -20,6 +20,14 @@ import (
|
|||
"github.com/zenazn/goji/web"
|
||||
)
|
||||
|
||||
var fileBlacklist = map[string]bool{
|
||||
"favicon.ico": true,
|
||||
"index.htm": true,
|
||||
"index.html": true,
|
||||
"index.php": true,
|
||||
"robots.txt": true,
|
||||
}
|
||||
|
||||
// Describes metadata directly from the user request
|
||||
type UploadRequest struct {
|
||||
src io.Reader
|
||||
|
|
@ -227,6 +235,10 @@ func processUpload(upReq UploadRequest) (upload Upload, err error) {
|
|||
fileexists = err == nil
|
||||
}
|
||||
|
||||
if fileBlacklist[strings.ToLower(upload.Filename)] {
|
||||
return upload, errors.New("Prohibited filename")
|
||||
}
|
||||
|
||||
dst, err := os.Create(path.Join(Config.filesDir, upload.Filename))
|
||||
if err != nil {
|
||||
return
|
||||
|
|
|
|||
Loading…
Reference in New Issue