common files filtering in server · atscan.net/plcbundle-go@866286c

atscan.net / plcbundle-go

fork atom

[DEPRECATED] Go implementation of plcbundle

fork atom

common files filtering in server

tree.fail 3 months ago 866286c0 6c8b0a6f

+39

1 changed file

expand all

unified split

server

handlers.go

+39

server/handlers.go

··· 675 675 parts := strings.SplitN(path, "/", 2) 676 676 input := parts[0] 677 677 678 + // Ignore common browser files before any validation 679 + if isCommonBrowserFile(input) { 680 + w.WriteHeader(http.StatusNotFound) 681 + return 682 + } 683 + 678 684 // Quick validation: must be either a DID or a valid handle format 679 685 if !isValidDIDOrHandle(input) { 680 686 sendJSON(w, 404, map[string]string{"error": "not found"}) ··· 691 697 } else { 692 698 sendJSON(w, 404, map[string]string{"error": "not found"}) 693 699 } 700 + } 701 + 702 + func isCommonBrowserFile(path string) bool { 703 + // Common files browsers request automatically 704 + commonFiles := []string{ 705 + "favicon.ico", 706 + "robots.txt", 707 + "sitemap.xml", 708 + "apple-touch-icon.png", 709 + "apple-touch-icon-precomposed.png", 710 + ".well-known", 711 + } 712 + 713 + for _, file := range commonFiles { 714 + if path == file || strings.HasPrefix(path, file) { 715 + return true 716 + } 717 + } 718 + 719 + // Common file extensions that are NOT DIDs/handles 720 + commonExtensions := []string{ 721 + ".ico", ".png", ".jpg", ".jpeg", ".gif", ".svg", 722 + ".css", ".js", ".woff", ".woff2", ".ttf", ".eot", 723 + ".xml", ".txt", ".html", ".webmanifest", 724 + } 725 + 726 + for _, ext := range commonExtensions { 727 + if strings.HasSuffix(path, ext) { 728 + return true 729 + } 730 + } 731 + 732 + return false 694 733 } 695 734 696 735 // isValidDIDOrHandle does quick format check before expensive resolution