jonathan/hostr
jonathan/hostr
1
0
Fork 0
Code Issues Pull requests 4 Projects Releases Packages 1 Wiki Activity Actions

Add csrf checking for cookie posts, fix file hotlinking

Browse source
This commit is contained in:
Jonathan Cremin 2015-08-10 11:44:47 +01:00
parent 9ccf3d855e
commit b9c6598250
7 changed files with 27 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

2
web/routes/file.js
View file

@ -17,7 +17,7 @@ const userAgentCheck = function(userAgent) {
};
const hotlinkCheck = function(file, userAgent, referrer) {
return !userAgentCheck(userAgent) && !file.width && !(referrer.match(/^https:\/\/hostr.co/) || referrer.match(/^http:\/\/localhost:4040/))
return !userAgentCheck(userAgent) && !file.width && (!referrer || !(referrer.match(/^https:\/\/hostr.co/) || referrer.match(/^http:\/\/localhost:4040/)))
};
export function* get(id, name, size) {