-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Send 404 immediately for known public requests #11117
Conversation
Instead of further handling requests to `public` which causes issues like go-gitea#11088, immediately terminate requests to directories `js`, `css`, `fomantic` if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below `public` in a dynamic fashion. I also added `fomantic` to the reserved usernames and sorted the list. Fixes: go-gitea#11088
@@ -99,6 +106,19 @@ func (opts *Options) handle(ctx *macaron.Context, log *log.Logger, opt *Options) | |||
|
|||
f, err := opt.FileSystem.Open(file) | |||
if err != nil { | |||
// 404 requests to any known entries in `public` | |||
if path.Base(opts.Directory) == "public" { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This condition seems to be needed because this handler is hit twice on every request, first with opts.Directory
set to ""
and then with an actual path ending in /public
, not sure why.
Codecov Report
@@ Coverage Diff @@
## master #11117 +/- ##
==========================================
- Coverage 43.44% 43.43% -0.02%
==========================================
Files 600 600
Lines 85008 85018 +10
==========================================
- Hits 36934 36926 -8
- Misses 43520 43533 +13
- Partials 4554 4559 +5
Continue to review full report at Codecov.
|
Instead of further handling requests to public which causes issues like go-gitea#11088, immediately terminate requests to directories js, css, fomantic if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below public in a dynamic fashion. I also added fomantic to the reserved usernames and sorted the list. Fixes: go-gitea#11088
Instead of further handling requests to
public
which causes issues like #11088, immediately terminate requests to directoriesjs
,css
,fomantic
if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries belowpublic
in a dynamic fashion.I also added
fomantic
to the reserved usernames and sorted the list.Fixes: #11088