mirror of
https://github.com/dutchcoders/transfer.sh.git
synced 2025-01-13 20:20:19 +01:00
Add Vary
headers in responses (#536)
* Add `Vary` headers in responses * Add `Referer` to file handler `Vary` * Fix Vary value for routes
This commit is contained in:
parent
1fb67f49ff
commit
3dcbfe2e4d
1 changed files with 5 additions and 0 deletions
|
@ -245,6 +245,8 @@ func canContainsXSS(contentType string) bool {
|
||||||
|
|
||||||
/* The preview handler will show a preview of the content for browsers (accept type text/html), and referer is not transfer.sh */
|
/* The preview handler will show a preview of the content for browsers (accept type text/html), and referer is not transfer.sh */
|
||||||
func (s *Server) previewHandler(w http.ResponseWriter, r *http.Request) {
|
func (s *Server) previewHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
w.Header().Set("Vary", "Range, Referer, X-Decrypt-Password")
|
||||||
|
|
||||||
vars := mux.Vars(r)
|
vars := mux.Vars(r)
|
||||||
|
|
||||||
token := vars["token"]
|
token := vars["token"]
|
||||||
|
@ -397,6 +399,7 @@ func (s *Server) viewHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
token(s.randomTokenLength),
|
token(s.randomTokenLength),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
w.Header().Set("Vary", "Accept")
|
||||||
if acceptsHTML(r.Header) {
|
if acceptsHTML(r.Header) {
|
||||||
if err := htmlTemplates.ExecuteTemplate(w, "index.html", data); err != nil {
|
if err := htmlTemplates.ExecuteTemplate(w, "index.html", data); err != nil {
|
||||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||||
|
@ -1157,6 +1160,7 @@ func (s *Server) headHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
w.Header().Set("Connection", "close")
|
w.Header().Set("Connection", "close")
|
||||||
w.Header().Set("X-Remaining-Downloads", remainingDownloads)
|
w.Header().Set("X-Remaining-Downloads", remainingDownloads)
|
||||||
w.Header().Set("X-Remaining-Days", remainingDays)
|
w.Header().Set("X-Remaining-Days", remainingDays)
|
||||||
|
w.Header().Set("Vary", "Range, Referer, X-Decrypt-Password")
|
||||||
|
|
||||||
if s.storage.IsRangeSupported() {
|
if s.storage.IsRangeSupported() {
|
||||||
w.Header().Set("Accept-Ranges", "bytes")
|
w.Header().Set("Accept-Ranges", "bytes")
|
||||||
|
@ -1250,6 +1254,7 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
w.Header().Set("Content-Type", contentType)
|
w.Header().Set("Content-Type", contentType)
|
||||||
w.Header().Set("Content-Length", strconv.FormatUint(contentLength, 10))
|
w.Header().Set("Content-Length", strconv.FormatUint(contentLength, 10))
|
||||||
|
w.Header().Set("Vary", "Range, Referer, X-Decrypt-Password")
|
||||||
|
|
||||||
if _, err = io.Copy(w, decryptionReader); err != nil {
|
if _, err = io.Copy(w, decryptionReader); err != nil {
|
||||||
s.logger.Printf("%s", err.Error())
|
s.logger.Printf("%s", err.Error())
|
||||||
|
|
Loading…
Reference in a new issue