parent
b96ee60c4c
commit
ad9d712a3a
|
@ -108,6 +108,7 @@ func setup() {
|
||||||
|
|
||||||
goji.Get("/static/*", staticHandler)
|
goji.Get("/static/*", staticHandler)
|
||||||
goji.Get("/favicon.ico", staticHandler)
|
goji.Get("/favicon.ico", staticHandler)
|
||||||
|
goji.Get("/robots.txt", staticHandler)
|
||||||
goji.Get(nameRe, fileDisplayHandler)
|
goji.Get(nameRe, fileDisplayHandler)
|
||||||
goji.Get(selifRe, fileServeHandler)
|
goji.Get(selifRe, fileServeHandler)
|
||||||
goji.Get(selifIndexRe, unauthorizedHandler)
|
goji.Get(selifIndexRe, unauthorizedHandler)
|
||||||
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
User-agent: *
|
||||||
|
Allow: /$
|
||||||
|
Disallow: *
|
12
upload.go
12
upload.go
|
@ -20,6 +20,14 @@ import (
|
||||||
"github.com/zenazn/goji/web"
|
"github.com/zenazn/goji/web"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var fileBlacklist = map[string]bool{
|
||||||
|
"favicon.ico": true,
|
||||||
|
"index.htm": true,
|
||||||
|
"index.html": true,
|
||||||
|
"index.php": true,
|
||||||
|
"robots.txt": true,
|
||||||
|
}
|
||||||
|
|
||||||
// Describes metadata directly from the user request
|
// Describes metadata directly from the user request
|
||||||
type UploadRequest struct {
|
type UploadRequest struct {
|
||||||
src io.Reader
|
src io.Reader
|
||||||
|
@ -227,6 +235,10 @@ func processUpload(upReq UploadRequest) (upload Upload, err error) {
|
||||||
fileexists = err == nil
|
fileexists = err == nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if fileBlacklist[strings.ToLower(upload.Filename)] {
|
||||||
|
return upload, errors.New("Prohibited filename")
|
||||||
|
}
|
||||||
|
|
||||||
dst, err := os.Create(path.Join(Config.filesDir, upload.Filename))
|
dst, err := os.Create(path.Join(Config.filesDir, upload.Filename))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in New Issue