diff options
| author | Henri Vasserman <henv@hot.ee> | 2025-03-28 19:52:14 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-28 13:52:14 -0400 |
| commit | 38d62eeb5676d010a08c439fdcedb4741c021bff (patch) | |
| tree | 7ce2fa83ca860a4fce016c0560c243d62c5e3c0d /internal | |
| parent | 57c3e9f1b2c1d685472670b8ba2660144d2ae316 (diff) | |
| download | anubis-38d62eeb5676d010a08c439fdcedb4741c021bff.tar.xz anubis-38d62eeb5676d010a08c439fdcedb4741c021bff.zip | |
Hide directory browsing on the static content (#85)
* Hide directory browsing on the static content
* update changelog
Diffstat (limited to 'internal')
| -rw-r--r-- | internal/headers.go | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/internal/headers.go b/internal/headers.go index 9d6ba76..d73fa33 100644 --- a/internal/headers.go +++ b/internal/headers.go @@ -4,6 +4,7 @@ import ( "log/slog" "net" "net/http" + "strings" "github.com/TecharoHQ/anubis" "github.com/sebest/xff" @@ -62,3 +63,14 @@ func XForwardedForToXRealIP(next http.Handler) http.Handler { next.ServeHTTP(w, r) }) } + +// Do not allow browsing directory listings in paths that end with / +func NoBrowsing(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + if strings.HasSuffix(r.URL.Path, "/") { + http.NotFound(w, r) + return + } + next.ServeHTTP(w, r) + }) +} |