haiwen/seafile-server
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-server.git synced 2025-09-16 15:18:58 +00:00
Code Issues Releases Wiki Activity

Add content security policy when access file (#395)

Browse Source
This commit is contained in:
feiniks
2020-08-29 19:51:18 +08:00
committed by GitHub
parent 17198b7527
commit cd9bb75e63
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
server/access-file.c
View File

@@ -552,6 +552,7 @@ do_file(evhtp_request_t *req, SeafRepo *repo, const char *file_id,
unsigned char enc_key[32], enc_iv[16]; unsigned char enc_key[32], enc_iv[16];
SeafileCrypt *crypt = NULL; SeafileCrypt *crypt = NULL;
SendfileData *data; SendfileData *data;
char *policy = "sandbox";
file = seaf_fs_manager_get_seafile(seaf->fs_mgr, file = seaf_fs_manager_get_seafile(seaf->fs_mgr,
repo->store_id, repo->version, file_id); repo->store_id, repo->version, file_id);
@@ -577,6 +578,9 @@ do_file(evhtp_request_t *req, SeafRepo *repo, const char *file_id,
evhtp_header_new("Access-Control-Allow-Origin", evhtp_header_new("Access-Control-Allow-Origin",
"*", 1, 1)); "*", 1, 1));
evhtp_headers_add_header(req->headers_out,
evhtp_header_new("Content-Security-Policy",
policy, 1, 1));
type = parse_content_type(filename); type = parse_content_type(filename);
if (type != NULL) { if (type != NULL) {
@@ -924,6 +928,7 @@ do_file_range (evhtp_request_t *req, SeafRepo *repo, const char *file_id,
SendFileRangeData *data = NULL; SendFileRangeData *data = NULL;
guint64 start; guint64 start;
guint64 end; guint64 end;
char *policy = "sandbox";
file = seaf_fs_manager_get_seafile(seaf->fs_mgr, file = seaf_fs_manager_get_seafile(seaf->fs_mgr,
repo->store_id, repo->version, file_id); repo->store_id, repo->version, file_id);
@@ -951,6 +956,10 @@ do_file_range (evhtp_request_t *req, SeafRepo *repo, const char *file_id,
evhtp_headers_add_header (req->headers_out, evhtp_headers_add_header (req->headers_out,
evhtp_header_new ("Accept-Ranges", "bytes", 0, 0)); evhtp_header_new ("Accept-Ranges", "bytes", 0, 0));
evhtp_headers_add_header(req->headers_out,
evhtp_header_new("Content-Security-Policy",
policy, 1, 1));
char *content_type = NULL; char *content_type = NULL;
char *type = parse_content_type (filename); char *type = parse_content_type (filename);
if (type != NULL) { if (type != NULL) {