parent
050c15dd29
commit
4852c95ab7
|
@ -0,0 +1,26 @@
|
|||
name: Deploy
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
|
||||
jobs:
|
||||
format:
|
||||
name: Format
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Use Node.js 16.x
|
||||
uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: 16.x
|
||||
cache: "npm"
|
||||
|
||||
- run: npm ci
|
||||
|
||||
- run: npx prettier --check .
|
||||
# vim: set et ts=2 sw=2:
|
22
index.js
22
index.js
|
@ -27,8 +27,8 @@ const handlebars = require("handlebars");
|
|||
|
||||
const port = +process.env.PORT || 8080;
|
||||
|
||||
let app = express();
|
||||
let http = app.listen(port);
|
||||
const app = express();
|
||||
const http = app.listen(port);
|
||||
|
||||
app.set("views", path.join(__dirname, "views"));
|
||||
app.engine(
|
||||
|
@ -175,6 +175,24 @@ function flashify(req, obj) {
|
|||
return obj;
|
||||
}
|
||||
|
||||
app.use((req, res, next) => {
|
||||
if (req.method === "GET") {
|
||||
return next();
|
||||
}
|
||||
let sourceHost = null;
|
||||
if (req.headers.origin) {
|
||||
sourceHost = new URL(req.headers.origin).host;
|
||||
} else if (req.headers.referer) {
|
||||
sourceHost = new URL(req.headers.referer).host;
|
||||
}
|
||||
if (sourceHost !== req.headers.host) {
|
||||
throw new Error(
|
||||
"Origin or Referer header does not match or is missing. Request has been blocked to prevent CSRF"
|
||||
);
|
||||
}
|
||||
next();
|
||||
});
|
||||
|
||||
app.all("/*", (req, res, next) => {
|
||||
res.filename = req.params[0];
|
||||
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
{
|
||||
"name": "file-manager",
|
||||
"version": "0.1.0",
|
||||
"version": "0.2.0",
|
||||
"lockfileVersion": 2,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "file-manager",
|
||||
"version": "0.1.0",
|
||||
"version": "0.2.0",
|
||||
"dependencies": {
|
||||
"@primer/octicons": "^16.1.1",
|
||||
"archiver": "^5.3.0",
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
"file-manager": "index.js"
|
||||
},
|
||||
"dependencies": {
|
||||
"@primer/octicons": "^16.1.1",
|
||||
"archiver": "^5.3.0",
|
||||
"body-parser": "^1.19.0",
|
||||
"bootstrap": "^5.0.0",
|
||||
|
@ -22,7 +23,6 @@
|
|||
"jquery": "^3.6.0",
|
||||
"node-pty": "^0.10.1",
|
||||
"notp": "^2.0.3",
|
||||
"@primer/octicons": "^16.1.1",
|
||||
"rimraf": "^3.0.2",
|
||||
"thirty-two": "^1.0.2",
|
||||
"ws": "^8.2.3",
|
||||
|
|
Loading…
Reference in New Issue