limit acess to assets news folder
This commit is contained in:
parent
9b3b5a5419
commit
0bc34bdbf0
1 changed files with 55 additions and 2 deletions
57
main.go
57
main.go
|
@ -107,8 +107,8 @@ func main() {
|
|||
// Serve static files (CSS, JS, etc.) from the /static directory
|
||||
http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir(staticDir))))
|
||||
|
||||
// Serve files in the /data/news/ directory under /news-assets/
|
||||
http.Handle("/news-assets/", http.StripPrefix("/news-assets/", http.FileServer(http.Dir(dataDir+"/news/"))))
|
||||
// Custom handler to serve only directories and their contents under /news-assets/
|
||||
http.Handle("/news-assets/", http.StripPrefix("/news-assets/", http.HandlerFunc(serveDirectoriesOnly)))
|
||||
|
||||
// Serve downloads.html at /downloads
|
||||
http.HandleFunc("/download", func(w http.ResponseWriter, r *http.Request) {
|
||||
|
@ -433,6 +433,59 @@ func watchForChanges(dir string) {
|
|||
select {}
|
||||
}
|
||||
|
||||
// serveDirectoriesOnly handles requests and only serves directories and their contents.
|
||||
func serveDirectoriesOnly(w http.ResponseWriter, r *http.Request) {
|
||||
requestedPath := filepath.Join(dataDir, "news", r.URL.Path)
|
||||
|
||||
// Check if the requested path is a directory
|
||||
fileInfo, err := os.Stat(requestedPath)
|
||||
if err != nil {
|
||||
http.NotFound(w, r) // If the path doesn't exist, return a 404
|
||||
return
|
||||
}
|
||||
|
||||
// Block access to any files at the root level or the .git directory
|
||||
if isRootLevel(requestedPath) || isRestrictedDirectory(requestedPath) {
|
||||
http.NotFound(w, r) // Block access to root-level files like .md and the .git directory
|
||||
return
|
||||
}
|
||||
|
||||
// Block access to any .md files at the root level
|
||||
if isRootLevel(requestedPath) && strings.HasSuffix(requestedPath, ".md") {
|
||||
http.NotFound(w, r) // Block access to root-level .md files
|
||||
return
|
||||
}
|
||||
|
||||
// If the path is a directory, serve its contents
|
||||
if fileInfo.IsDir() {
|
||||
http.FileServer(http.Dir(requestedPath)).ServeHTTP(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
// Serve the file within the subdirectory
|
||||
http.FileServer(http.Dir(filepath.Join(dataDir, "news"))).ServeHTTP(w, r)
|
||||
}
|
||||
|
||||
// isRootLevel checks if the file is at the root level of /news-assets/
|
||||
func isRootLevel(path string) bool {
|
||||
relPath, err := filepath.Rel(filepath.Join(dataDir, "news"), path)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
|
||||
// The relative path should not contain any slashes if it's at the root level
|
||||
return !strings.Contains(relPath, string(os.PathSeparator))
|
||||
}
|
||||
|
||||
// isRestrictedDirectory checks if the path is within a restricted directory like .git
|
||||
func isRestrictedDirectory(path string) bool {
|
||||
// Normalize the path
|
||||
cleanPath := filepath.Clean(path)
|
||||
|
||||
// Check if the path contains .git directory or other restricted directories
|
||||
return strings.Contains(cleanPath, string(os.PathSeparator)+".git") || strings.HasSuffix(cleanPath, ".git")
|
||||
}
|
||||
|
||||
func handleFileChange(path string, isNew bool) {
|
||||
if filepath.Ext(path) == ".md" {
|
||||
creationTimesM.Lock()
|
||||
|
|
Loading…
Reference in a new issue