sx-http: block .assets/ and .map files from static serving
Prevents serving WASM build artifacts and source maps. Requests for .assets/ directories and .map files return 403 Forbidden.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@@ -1562,7 +1562,16 @@ let serve_static_file static_dir url_path =
|
|||||||
let rel = String.sub url_path 8 (String.length url_path - 8) in
|
let rel = String.sub url_path 8 (String.length url_path - 8) in
|
||||||
let rel = match String.index_opt rel '?' with
|
let rel = match String.index_opt rel '?' with
|
||||||
| Some i -> String.sub rel 0 i | None -> rel in
|
| Some i -> String.sub rel 0 i | None -> rel in
|
||||||
if String.contains rel '\x00' || (String.length rel > 1 && String.sub rel 0 2 = "..") then
|
let has_substring s sub =
|
||||||
|
let slen = String.length s and sublen = String.length sub in
|
||||||
|
if sublen > slen then false
|
||||||
|
else let rec check i = if i > slen - sublen then false
|
||||||
|
else if String.sub s i sublen = sub then true else check (i + 1)
|
||||||
|
in check 0
|
||||||
|
in
|
||||||
|
if String.contains rel '\x00' || (String.length rel > 1 && String.sub rel 0 2 = "..")
|
||||||
|
|| has_substring rel ".assets/"
|
||||||
|
|| Filename.check_suffix rel ".map" then
|
||||||
http_response ~status:403 "Forbidden"
|
http_response ~status:403 "Forbidden"
|
||||||
else
|
else
|
||||||
let file_path = static_dir ^ "/" ^ rel in
|
let file_path = static_dir ^ "/" ^ rel in
|
||||||
|
|||||||
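Review bot: The rewritten condition still rejects `..` only when it is the first two characters of `rel`, so a `..` segment further along the path passes the check and reaches `static_dir ^ "/" ^ rel`; the new `.assets/` and `.map` rules sit on top of that gap. Checking every `/`-separated segment instead, `|| List.mem ".." (String.split_on_char '/' rel)`, would cover it. The two new rules also compare the raw request bytes: the `.map` suffix is matched case-sensitively and before any percent-decoding that may happen elsewhere, so they are only dependable if the path is already decoded and canonical at this point. That should be confirmed, since the rest of `serve_static_file` lies outside the hunk. A one-line comment above `has_substring`, such as `(* plain substring search, used for the static-file deny rules *)`, would also make its purpose clear.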