Documentation
¶
Overview ¶
Defends against directory traversal attacks
Defends against directory traversal attacks ¶
Defends against directory traversal attacks
Index ¶
- func Posix_filename_validator(filename string) error
- type FullFileSystemPath_t
- type PosixValidatedFullURLPath_t
- type PosixValidatedURLDirPath_t
- type TimeDurationSeconds
- type URLPrefixFileSystemDirectoryPair
- type URLPrefixToFileSystemDirectoryMap
- type URLRedirectMap
- type URLRedirectPair
- type UrlPrefixToFSDirMap_internal_t
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func Posix_filename_validator ¶
Checks that the file name only contains numbers, letters, underscore, dot, and dash.
Types ¶
type FullFileSystemPath_t ¶
type FullFileSystemPath_t struct {
FileSystemPath *string
}
func Convert_URLPath_To_Full_FileSystem_Path ¶
func Convert_URLPath_To_Full_FileSystem_Path(posix_validated_urlpath PosixValidatedFullURLPath_t, url_to_dir_map URLPrefixToFileSystemDirectoryMap) (*FullFileSystemPath_t, error)
returns error if there is no match swaps the longest matching prefix for the mapped file system directory path and keep the rest of the string the same. This brute force implementation is faster than Trie when number of prefixes is less than 200 And is roughly the same speed as Trie when number of prefixes is 200-300. See my Github repo where I do the benchmarks: https://github.com/1f604/longest_prefix_go
func FullFileSystemPath ¶
func FullFileSystemPath(s string) *FullFileSystemPath_t
func (*FullFileSystemPath_t) UnmarshalJSON ¶
func (filesystempath *FullFileSystemPath_t) UnmarshalJSON(data []byte) error
should we panic here? Ideally we should panic in this kind of situation.
type PosixValidatedFullURLPath_t ¶
type PosixValidatedFullURLPath_t struct {
URLPath string
}
func PosixValidatedFullURLPath ¶
func PosixValidatedFullURLPath(path_str string) (*PosixValidatedFullURLPath_t, error)
Generic url path sanitizer: ensures only POSIX symbols in path and defends against directory traversal. You should call this function on a file path before passing the path to http.ServeFile.
type PosixValidatedURLDirPath_t ¶
type PosixValidatedURLDirPath_t struct {
URLPrefix *string
}
func PosixValidatedURLDirPath ¶
func PosixValidatedURLDirPath(dirpath_str string) (*PosixValidatedURLDirPath_t, error)
func (*PosixValidatedURLDirPath_t) Length ¶
func (p *PosixValidatedURLDirPath_t) Length() int
In Go, it is valid to call a method on a nil pointer!!!
func (*PosixValidatedURLDirPath_t) UnmarshalJSON ¶
func (urlprefix *PosixValidatedURLDirPath_t) UnmarshalJSON(bytes []byte) error
should we panic here? Ideally we should panic in this kind of situation.
type TimeDurationSeconds ¶
func (*TimeDurationSeconds) UnmarshalJSON ¶
func (timeduration *TimeDurationSeconds) UnmarshalJSON(bytes []byte) error
type URLPrefixFileSystemDirectoryPair ¶
type URLPrefixFileSystemDirectoryPair struct {
URLPrefix *PosixValidatedURLDirPath_t `json:"url_prefix"`
FileSystemPath *FullFileSystemPath_t `json:"file_system_directory_path"`
}
type URLPrefixToFileSystemDirectoryMap ¶
type URLPrefixToFileSystemDirectoryMap struct {
Map *UrlPrefixToFSDirMap_internal_t
ReverseMap *map[string]bool // used as a set of all the file system directories defined by the user
}
func (*URLPrefixToFileSystemDirectoryMap) UnmarshalJSON ¶
func (the_map *URLPrefixToFileSystemDirectoryMap) UnmarshalJSON(data []byte) error
type URLRedirectMap ¶
func (*URLRedirectMap) UnmarshalJSON ¶
func (the_map *URLRedirectMap) UnmarshalJSON(data []byte) error
type URLRedirectPair ¶
type UrlPrefixToFSDirMap_internal_t ¶
type UrlPrefixToFSDirMap_internal_t map[*PosixValidatedURLDirPath_t]*FullFileSystemPath_t
Source Files