dylan.derr/Send
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

added route id verification, and better downloader ui

Browse source
This commit is contained in:
Abhinav Adduri 2017-06-01 09:55:47 -07:00
parent c05b444432
commit 065f3c2014
3 changed files with 67 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

19
app.js
View file

@ -23,6 +23,11 @@ app.get("/download/:id", function(req, res) {
app.get("/assets/download/:id", function(req, res) {
if (!validateID(id)){
res.send(404);
return;
}
let id = req.params.id;
client.hget(id, "filename", function(err, reply) { // maybe some expiration logic too
if (!reply) {
@ -44,6 +49,12 @@ app.get("/assets/download/:id", function(req, res) {
app.post("/delete/:id", function(req, res) {
let id = req.params.id;
if (!validateID(id)){
res.send(404);
return;
}
let delete_token = req.body.delete_token;
if (!delete_token){
@ -62,6 +73,11 @@ app.post("/delete/:id", function(req, res) {
});
app.post("/upload/:id", function (req, res, next) {
if (!validateID(req.params.id)){
res.send(404);
return;
}
var fstream;
req.pipe(req.busboy);
@ -93,3 +109,6 @@ app.listen(3000, function () {
console.log("Portal app listening on port 3000!")
})
function validateID(route_id) {
return route_id.match(/^[0-9a-fA-F]{32}$/) !== null;
}