wood/webp_server_go
1
0
Fork 0
mirror of https://github.com/woodchen-ink/webp_server_go.git synced 2025-07-19 06:02:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix extension check

Browse Source
This commit is contained in:
Benny~ 2020-03-01 15:33:54 +08:00
parent d514865b64
commit a9dd261702
No known key found for this signature in database
GPG Key ID: 6CD0DBDA5235D481
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
webp-server.go
View File

@ -138,18 +138,23 @@ func Convert(ImgPath string, AllowedTypes []string, QUALITY string) func(c *fibe
} }
// check ext // check ext
// TODO: should remove this function. Check in Nginx. // TODO: may remove this function. Check in Nginx.
var allowed = false
for _, ext := range AllowedTypes { for _, ext := range AllowedTypes {
haystack := strings.ToLower(ImgFilename) haystack := strings.ToLower(ImgFilename)
needle := strings.ToLower("." + ext) needle := strings.ToLower("." + ext)
if strings.HasSuffix(haystack, needle) { if strings.HasSuffix(haystack, needle) {
allowed = true
break break
} else { } else {
c.Send("File extension not allowed!") allowed = false
c.SendStatus(403)
return
} }
} }
if !allowed {
c.Send("File extension not allowed!")
c.SendStatus(403)
return
}
// Check the original image for existence, // Check the original image for existence,
if !imageExists(RawImageAbs) { if !imageExists(RawImageAbs) {