summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/ninjacloud.go17
1 files changed, 13 insertions, 4 deletions
diff --git a/src/ninjacloud.go b/src/ninjacloud.go
index 9ec2962..cb99446 100644
--- a/src/ninjacloud.go
+++ b/src/ninjacloud.go
@@ -9,6 +9,7 @@ import (
9 "net/http" 9 "net/http"
10 "os" 10 "os"
11 "path/filepath" 11 "path/filepath"
12 "runtime"
12) 13)
13 14
14const APP_NAME = "Ninja Go Local Cloud" 15const APP_NAME = "Ninja Go Local Cloud"
@@ -160,11 +161,20 @@ func copyDir(source string, dest string) (err error) {
160 161
161//////// REQUEST HANDLERS 162//////// REQUEST HANDLERS
162 163
164func osPath(p string) string {
165 filepath.Clean(p)
166 if runtime.GOOS == "windows" {
167 p = p[:1] + ":" + p[1:]
168 } else {
169 p = "/" + p
170 }
171 return p
172}
173
163//// File APIs 174//// File APIs
164 175
165func fileHandler(w http.ResponseWriter, r *http.Request) { 176func fileHandler(w http.ResponseWriter, r *http.Request) {
166 p := r.URL.Path[filePathLen:] 177 p := osPath(r.URL.Path[filePathLen:])
167 filepath.Clean(p)
168 if !isInRoot(p) { 178 if !isInRoot(p) {
169 w.WriteHeader(http.StatusForbidden) 179 w.WriteHeader(http.StatusForbidden)
170 return 180 return
@@ -277,8 +287,7 @@ func fileHandler(w http.ResponseWriter, r *http.Request) {
277//// Directory APIs 287//// Directory APIs
278 288
279func dirHandler(w http.ResponseWriter, r *http.Request) { 289func dirHandler(w http.ResponseWriter, r *http.Request) {
280 p := r.URL.Path[dirPathLen:] 290 p := osPath(r.URL.Path[dirPathLen:])
281 filepath.Clean(p)
282 if !isInRoot(p) { 291 if !isInRoot(p) {
283 w.WriteHeader(http.StatusForbidden) 292 w.WriteHeader(http.StatusForbidden)
284 return 293 return