mirrors/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser.git synced 2025-11-26 14:25:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update security measures by File Manager

Browse Source
This commit is contained in:
Henrique Dias
2016-07-05 17:54:54 +01:00
parent acfda6b4b7
commit 32158d6ecb
3 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
hugo.go
View File

@@ -74,6 +74,10 @@ func (h Hugo) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
}
if r.Method == http.MethodPost && r.Header.Get("archetype") != "" {
if !h.FileManager.Configs[0].CheckToken(r) {
return http.StatusForbidden, nil
}
filename := r.Header.Get("Filename")
archetype := r.Header.Get("archetype")
@@ -94,6 +98,7 @@ func (h Hugo) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
}
if directory.CanBeEdited(r.URL.Path) && r.Method == http.MethodPut {
// NOTE: File Manager already checks the security token
code, err := h.FileManager.ServeHTTP(w, r)
if err != nil {