Add allowlist checking for opt-in
This commit is contained in:
parent
760646efd7
commit
93d2f304d2
@ -72,11 +72,18 @@ module Skeksis
|
|||||||
def query(path, env)
|
def query(path, env)
|
||||||
query_path = Pathname.new(path).each_filename.to_a
|
query_path = Pathname.new(path).each_filename.to_a
|
||||||
|
|
||||||
@allowlist.children do |child|
|
# Just do a directory listing if we're serving the root path
|
||||||
if child.name == query_path[0] and child.content == false
|
if path == "/"
|
||||||
return nil
|
return create_dir_listing(@serve_dir, env)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# Otherwise check if user's site has opted in to bridging
|
||||||
|
is_allowed = @allowlist.children.any? {|child| child.name == query_path[0] and child.content == true }
|
||||||
|
|
||||||
|
unless is_allowed
|
||||||
|
return [Header, "Error.", Footer]
|
||||||
end
|
end
|
||||||
|
# End allowlist checking
|
||||||
|
|
||||||
# Chomps the first / and builds path
|
# Chomps the first / and builds path
|
||||||
full_path = Pathname.new(@serve_dir) + path[1..-1]
|
full_path = Pathname.new(@serve_dir) + path[1..-1]
|
||||||
@ -110,7 +117,6 @@ module Skeksis
|
|||||||
"</script>"
|
"</script>"
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
def create_dir_listing(path, env)
|
def create_dir_listing(path, env)
|
||||||
http = URI.parse(env['REQUEST_URI'])
|
http = URI.parse(env['REQUEST_URI'])
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user