usememos/memos
1
1
Fork 0
mirror of https://github.com/usememos/memos.git synced 2026-01-07 00:45:32 +08:00
Code Issues Projects Releases Packages Wiki Activity

chore: restrict the html file (#749)

Browse source 
* restrict the html file

* replace spaces with table

* remove space
This commit is contained in:
lujiefsi 2022-12-19 18:26:50 +08:00 committed by GitHub
parent bd6ab71d41
commit 726285e634
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
server/resource.go
View file

@ -7,6 +7,7 @@ import (
"net/http"
"net/url"
"strconv"
"strings"
"time"
"github.com/usememos/memos/api"
@ -42,6 +43,10 @@ func (s *Server) registerResourceRoutes(g *echo.Group) {
}
filename := file.Filename
if strings.HasSuffix(filename, ".html") {
return echo.NewHTTPError(http.StatusBadRequest, "html file is not allowed")
}
filetype := file.Header.Get("Content-Type")
size := file.Size
src, err := file.Open()