jenspots
/
vieter
forked from vieter-v/vieter
1
0
Fork 0
Code Issues Pull Requests Releases Activity

fix(server): prevent `api` as a repository name

Jef Roosens 2022-09-11 22:24:29 +02:00
parent 575c04189d
commit 95d32e2d51
Signed by untrusted user: Jef Roosens
GPG Key ID: B75D4F293C7052DB
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -35,6 +35,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
* Refactor of web framework * Refactor of web framework
* API endpoints now return id of newly created entries * API endpoints now return id of newly created entries
* Repo POST requests now return information on published package * Repo POST requests now return information on published package
* `api` can no longer be used as a repository name
* CLI client now allows setting values to an empty value
### Removed ### Removed

6
src/server/repo.v
View File

@ -50,6 +50,12 @@ fn (mut app App) get_repo_file(repo string, arch string, filename string) web.Re
// put_package handles publishing a package to a repository. // put_package handles publishing a package to a repository.
['/:repo/publish'; auth; post] ['/:repo/publish'; auth; post]
fn (mut app App) put_package(repo string) web.Result { fn (mut app App) put_package(repo string) web.Result {
// api is a reserved keyword for api routes & should never be allowed to be
// a repository.
if repo.to_lower() == 'api' {
return app.json(.bad_request, new_response("'api' is a reserved keyword & cannot be used as a repository name."))
}
mut pkg_path := '' mut pkg_path := ''
if length := app.req.header.get(.content_length) { if length := app.req.header.get(.content_length) {