wood/webp_server_go
1
0
Fork 0
mirror of https://github.com/woodchen-ink/webp_server_go.git synced 2025-07-18 21:52:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

Clean Path on routing to mitigate directory traversal, bump version to 0.4.1

Browse Source
This commit is contained in:
n0vad3v 2021-12-30 16:42:43 +08:00 committed by Benny
parent 49569b306a
commit 74b0382ab6
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config.go
View File

@ -22,7 +22,7 @@ var (
prefetch, proxyMode bool prefetch, proxyMode bool
remoteRaw = "remote-raw" remoteRaw = "remote-raw"
config Config config Config
version = "0.4.0" version = "0.4.1"
releaseUrl = "https://github.com/webp-sh/webp_server_go/releases/latest/download/" releaseUrl = "https://github.com/webp-sh/webp_server_go/releases/latest/download/"
) )

4
router.go
View File

@ -16,6 +16,10 @@ import (
func convert(c *fiber.Ctx) error { func convert(c *fiber.Ctx) error {
//basic vars //basic vars
var reqURI, _ = url.QueryUnescape(c.Path()) // /mypic/123.jpg var reqURI, _ = url.QueryUnescape(c.Path()) // /mypic/123.jpg
// delete ../ in reqURI to mitigate directory traversal
reqURI = path.Clean(reqURI)
var rawImageAbs string var rawImageAbs string
if proxyMode { if proxyMode {
rawImageAbs = config.ImgPath + reqURI rawImageAbs = config.ImgPath + reqURI