45 lines
977 B
1
package knotserver
2
3
import (
4
"net/http"
5
"os"
6
"path/filepath"
7
8
securejoin "github.com/cyphar/filepath-securejoin"
9
"github.com/go-chi/chi/v5"
10
"github.com/microcosm-cc/bluemonday"
11
)
12
13
func sanitize(content []byte) []byte {
14
return bluemonday.UGCPolicy().SanitizeBytes([]byte(content))
15
}
16
17
func didPath(r *http.Request) string {
18
did := chi.URLParam(r, "did")
19
name := chi.URLParam(r, "name")
20
path, _ := securejoin.SecureJoin(did, name)
21
filepath.Clean(path)
22
return path
23
}
24
25
func getDescription(path string) (desc string) {
26
db, err := os.ReadFile(filepath.Join(path, "description"))
27
if err == nil {
28
desc = string(db)
29
} else {
30
desc = ""
31
}
32
return
33
}
34
func setContentDisposition(w http.ResponseWriter, name string) {
35
h := "inline; filename=\"" + name + "\""
36
w.Header().Add("Content-Disposition", h)
37
}
38
39
func setGZipMIME(w http.ResponseWriter) {
40
setMIME(w, "application/gzip")
41
}
42
43
func setMIME(w http.ResponseWriter, mime string) {
44
w.Header().Add("Content-Type", mime)
45
}
46