🔒 Authenticate requests of assets other than 127.0.0.1 Fix https://github.com/siyuan-note/siyuan/issues/9388

Daniel 2023-10-10 16:52:40 +08:00
parent 11786381cf
commit 6e9099ea12
No known key found for this signature in database
GPG key ID: 86211BA83DF03017


@ -183,6 +183,15 @@ func CheckAuth(c *gin.Context) {
}
}
if !strings.HasPrefix(c.Request.RemoteAddr, util.LocalHost) && !strings.HasPrefix(c.Request.RemoteAddr, "[::1]") {
// Authenticate requests of assets other than 127.0.0.1 https://github.com/siyuan-note/siyuan/issues/9388
if strings.HasPrefix(c.Request.RequestURI, "/assets/") {
c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed: for security reasons, please set [Access authorization code] when using non-127.0.0.1 access\n\n为安全起见使用非 127.0.0.1 访问时请设置 [访问授权码]"})
c.Abort()
return
}
}
c.Next()
return
}
@ -197,8 +206,7 @@ func CheckAuth(c *gin.Context) {
}
// 放过来自本机的某些请求
if strings.HasPrefix(c.Request.RemoteAddr, util.LocalHost) ||
strings.HasPrefix(c.Request.RemoteAddr, "[::1]") {
if strings.HasPrefix(c.Request.RemoteAddr, util.LocalHost) || strings.HasPrefix(c.Request.RemoteAddr, "[::1]") {
if strings.HasPrefix(c.Request.RequestURI, "/assets/") {
c.Next()
return
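Review bot: The new `/assets/` gate in the first hunk tests `c.Request.RequestURI`, which is the raw request target as the client sent it, while gin by default routes on the decoded `c.Request.URL.Path`, so the string being checked and the path being served can differ for percent-encoded or absolute-form targets. Matching on the parsed path, `if strings.HasPrefix(c.Request.URL.Path, "/assets/") {`, keeps the check aligned with routing; the same applies to the existing `/assets/` test in the second hunk. The loopback test is also a string prefix on `RemoteAddr` and is now written out twice; a small helper built on `net.SplitHostPort` and `net.ParseIP(host).IsLoopback()` would be stricter and keep both call sites in agreement. CheckAuth starts and ends outside both hunks, so how non-asset paths are handled for remote clients in this branch (presumably the one taken when no access authorization code is set) cannot be judged from here.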