parent
050c15dd29
commit
4852c95ab7
|
@ -0,0 +1,26 @@
|
||||||
|
name: Deploy
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [main]
|
||||||
|
pull_request:
|
||||||
|
branches: [main]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
format:
|
||||||
|
name: Format
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Use Node.js 16.x
|
||||||
|
uses: actions/setup-node@v2
|
||||||
|
with:
|
||||||
|
node-version: 16.x
|
||||||
|
cache: "npm"
|
||||||
|
|
||||||
|
- run: npm ci
|
||||||
|
|
||||||
|
- run: npx prettier --check .
|
||||||
|
# vim: set et ts=2 sw=2:
|
22
index.js
22
index.js
|
@ -27,8 +27,8 @@ const handlebars = require("handlebars");
|
||||||
|
|
||||||
const port = +process.env.PORT || 8080;
|
const port = +process.env.PORT || 8080;
|
||||||
|
|
||||||
let app = express();
|
const app = express();
|
||||||
let http = app.listen(port);
|
const http = app.listen(port);
|
||||||
|
|
||||||
app.set("views", path.join(__dirname, "views"));
|
app.set("views", path.join(__dirname, "views"));
|
||||||
app.engine(
|
app.engine(
|
||||||
|
@ -175,6 +175,24 @@ function flashify(req, obj) {
|
||||||
return obj;
|
return obj;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
app.use((req, res, next) => {
|
||||||
|
if (req.method === "GET") {
|
||||||
|
return next();
|
||||||
|
}
|
||||||
|
let sourceHost = null;
|
||||||
|
if (req.headers.origin) {
|
||||||
|
sourceHost = new URL(req.headers.origin).host;
|
||||||
|
} else if (req.headers.referer) {
|
||||||
|
sourceHost = new URL(req.headers.referer).host;
|
||||||
|
}
|
||||||
|
if (sourceHost !== req.headers.host) {
|
||||||
|
throw new Error(
|
||||||
|
"Origin or Referer header does not match or is missing. Request has been blocked to prevent CSRF"
|
||||||
|
);
|
||||||
|
}
|
||||||
|
next();
|
||||||
|
});
|
||||||
|
|
||||||
app.all("/*", (req, res, next) => {
|
app.all("/*", (req, res, next) => {
|
||||||
res.filename = req.params[0];
|
res.filename = req.params[0];
|
||||||
|
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
{
|
{
|
||||||
"name": "file-manager",
|
"name": "file-manager",
|
||||||
"version": "0.1.0",
|
"version": "0.2.0",
|
||||||
"lockfileVersion": 2,
|
"lockfileVersion": 2,
|
||||||
"requires": true,
|
"requires": true,
|
||||||
"packages": {
|
"packages": {
|
||||||
"": {
|
"": {
|
||||||
"name": "file-manager",
|
"name": "file-manager",
|
||||||
"version": "0.1.0",
|
"version": "0.2.0",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@primer/octicons": "^16.1.1",
|
"@primer/octicons": "^16.1.1",
|
||||||
"archiver": "^5.3.0",
|
"archiver": "^5.3.0",
|
||||||
|
|
|
@ -10,6 +10,7 @@
|
||||||
"file-manager": "index.js"
|
"file-manager": "index.js"
|
||||||
},
|
},
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"@primer/octicons": "^16.1.1",
|
||||||
"archiver": "^5.3.0",
|
"archiver": "^5.3.0",
|
||||||
"body-parser": "^1.19.0",
|
"body-parser": "^1.19.0",
|
||||||
"bootstrap": "^5.0.0",
|
"bootstrap": "^5.0.0",
|
||||||
|
@ -22,7 +23,6 @@
|
||||||
"jquery": "^3.6.0",
|
"jquery": "^3.6.0",
|
||||||
"node-pty": "^0.10.1",
|
"node-pty": "^0.10.1",
|
||||||
"notp": "^2.0.3",
|
"notp": "^2.0.3",
|
||||||
"@primer/octicons": "^16.1.1",
|
|
||||||
"rimraf": "^3.0.2",
|
"rimraf": "^3.0.2",
|
||||||
"thirty-two": "^1.0.2",
|
"thirty-two": "^1.0.2",
|
||||||
"ws": "^8.2.3",
|
"ws": "^8.2.3",
|
||||||
|
|
Loading…
Reference in New Issue