Browse Source

Implement hotlink protection

pull/16/head
andreimarcu 9 years ago
parent
commit
22818d86ce
  1. 9
      fileserve.go
  2. 15
      server.go

9
fileserve.go

@ -4,6 +4,7 @@ import (
"net/http" "net/http"
"os" "os"
"path" "path"
"strings"
"github.com/zenazn/goji/web" "github.com/zenazn/goji/web"
) )
@ -17,6 +18,14 @@ func fileServeHandler(c web.C, w http.ResponseWriter, r *http.Request) {
return return
} }
if !Config.allowHotlink {
referer := r.Header.Get("Referer")
if referer != "" && !strings.HasPrefix(referer, Config.siteURL) {
w.WriteHeader(403)
return
}
}
http.ServeFile(w, r, filePath) http.ServeFile(w, r, filePath)
} }

15
server.go

@ -16,12 +16,13 @@ import (
) )
var Config struct { var Config struct {
bind string
filesDir string
metaDir string
noLogs bool
siteName string
siteURL string
bind string
filesDir string
metaDir string
noLogs bool
allowHotlink bool
siteName string
siteURL string
} }
var Templates = make(map[string]*pongo2.Template) var Templates = make(map[string]*pongo2.Template)
@ -95,6 +96,8 @@ func main() {
"path to metadata directory") "path to metadata directory")
flag.BoolVar(&Config.noLogs, "nologs", false, flag.BoolVar(&Config.noLogs, "nologs", false,
"remove stdout output for each request") "remove stdout output for each request")
flag.BoolVar(&Config.allowHotlink, "allowhotlink", false,
"Allow hotlinking of files")
flag.StringVar(&Config.siteName, "sitename", "linx", flag.StringVar(&Config.siteName, "sitename", "linx",
"name of the site") "name of the site")
flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/", flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/",

Loading…
Cancel
Save