vic/filebrozer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Henrique Dias
2016-11-02 19:29:29 +00:00
parent 6b0a132161
commit 28ea0de82e
4 changed files with 21 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
filemanager.go
View File

@@ -43,10 +43,6 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err
return f.Next.ServeHTTP(w, r)
}
w.Header().Set("x-frame-options", "SAMEORIGIN")
w.Header().Set("x-content-type", "nosniff")
w.Header().Set("x-xss-protection", "1; mode=block")
c = &f.Configs[i]
// Checks if the URL matches the Assets URL. Returns the asset if the
@@ -96,6 +92,10 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err
return 0, nil
}
w.Header().Set("x-frame-options", "SAMEORIGIN")
w.Header().Set("x-content-type", "nosniff")
w.Header().Set("x-xss-protection", "1; mode=block")
// Checks if the User is allowed to access this file
if !user.Allowed(strings.TrimPrefix(r.URL.Path, c.BaseURL)) {
if r.Method == http.MethodGet {