libretic/transfer.sh
6
0
Fork 0
mirror of https://github.com/dutchcoders/transfer.sh.git synced 2024-12-26 20:30:18 +01:00
Code Issues Projects Releases Packages Wiki Activity

Fixed improper implementation of content type (#501)

Browse source 
* Fixed improper implementation of content type

Add text/plain content type if metadata.ContentType is unable to determine the content type of the file

* Update server/handlers.go

Co-authored-by: Farhan Khursheed <41877347+blind-intruder@users.noreply.github.com>

* Update handlers.go

let's trim space

* Update handlers.go

Co-authored-by: Andrea Spacca <andrea.spacca@gmail.com>
This commit is contained in:
Farhan Khursheed 2022-08-20 06:29:52 -07:00 committed by GitHub
parent 343427d3b9
commit 31ad4e01e1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
server/handlers.go
View file

@ -1034,6 +1034,13 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
if action == "inline" { if action == "inline" {
disposition = "inline" disposition = "inline"
/*
metadata.ContentType is unable to determine the type of the content,
So add text/plain in this case to fix XSS related issues/
*/
if strings.TrimSpace(contentType) == "" {
contentType = "text/plain"
}
} else { } else {
disposition = "attachment" disposition = "attachment"
} }