daniel156161/simple-nanoshare
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

add check if accessed storage file_id is a uuid and when not send them to a 404 error page
Build and Push Docker Container / build-and-push (push) Successful in 1m31s
Details

Browse Source
This commit is contained in:
Daniel Dolezal
2026-01-01 10:29:45 +01:00
parent 9b69069367
commit b7ec488b44
2 changed files with 24 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routes/handeling/basics.py
+5 -1
View File
@@ -1,6 +1,7 @@
from my_modules.app.setup import LIMITER
from my_modules.functions import is_valid_uuid
from quart import Blueprint, send_from_directory, render_template, current_app, Response, redirect
from quart import Blueprint, send_from_directory, current_app, Response, redirect, abort
basic_bp = Blueprint('basic', __name__)
@@ -18,6 +19,9 @@ async def robots():
@basic_bp.route("/storage/<path:file_id>")
async def convex_storage_proxy(file_id:str):
if not is_valid_uuid(file_id):
return abort(404, "Not a valid uuid")
return Response(
current_app.convex.stream_from_storage(file_id, add_api_path=True),
mimetype="application/octet-stream"