dutchcoders/transfer.sh
1
0
Fork 0
mirror of https://github.com/dutchcoders/transfer.sh.git synced 2026-02-03 14:13:26 +00:00
Code Issues 48 Actions Packages Projects Releases Wiki Activity

cr fixes, replace deprecated ioutil.NopCloser

Browse Source
This commit is contained in:
Andrea Spacca
2023-03-02 00:59:51 +09:00
parent 3b3d714def
commit 11e64513a2
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
server/handlers.go
View File

@@ -1045,7 +1045,7 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Accept-Ranges", "bytes")
w.Header().Set("Content-Range", cr)
if rng.Limit > 0 {
reader = ioutil.NopCloser(io.LimitReader(reader, int64(rng.Limit)))
reader = io.NopCloser(io.LimitReader(reader, int64(rng.Limit)))
}
}
}
@@ -1055,8 +1055,6 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
if action == "inline" {
disposition = "inline"
/*
metadata.ContentType is unable to determine the type of the content,
metadata.ContentType is unable to determine the type of the content,
metadata.ContentType is unable to determine the type of the content,
So add text/plain in this case to fix XSS related issues/
*/
@@ -1082,7 +1080,7 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
}
if disposition == "inline" && canContainsXSS(contentType) {
reader = ioutil.NopCloser(bluemonday.UGCPolicy().SanitizeReader(reader))
reader = io.NopCloser(bluemonday.UGCPolicy().SanitizeReader(reader))
}
if _, err = io.Copy(w, reader); err != nil {