Implement hotlink protection

This commit is contained in:
andreimarcu 2015-09-29 19:28:10 -04:00
parent 02f86da3c7
commit 22818d86ce
2 changed files with 18 additions and 6 deletions

View file

@ -4,6 +4,7 @@ import (
"net/http"
"os"
"path"
"strings"
"github.com/zenazn/goji/web"
)
@ -17,6 +18,14 @@ func fileServeHandler(c web.C, w http.ResponseWriter, r *http.Request) {
return
}
if !Config.allowHotlink {
referer := r.Header.Get("Referer")
if referer != "" && !strings.HasPrefix(referer, Config.siteURL) {
w.WriteHeader(403)
return
}
}
http.ServeFile(w, r, filePath)
}

View file

@ -16,12 +16,13 @@ import (
)
var Config struct {
bind string
filesDir string
metaDir string
noLogs bool
siteName string
siteURL string
bind string
filesDir string
metaDir string
noLogs bool
allowHotlink bool
siteName string
siteURL string
}
var Templates = make(map[string]*pongo2.Template)
@ -95,6 +96,8 @@ func main() {
"path to metadata directory")
flag.BoolVar(&Config.noLogs, "nologs", false,
"remove stdout output for each request")
flag.BoolVar(&Config.allowHotlink, "allowhotlink", false,
"Allow hotlinking of files")
flag.StringVar(&Config.siteName, "sitename", "linx",
"name of the site")
flag.StringVar(&Config.siteURL, "siteurl", "http://"+Config.bind+"/",