diff options
author | Emile <hanemile@protonmail.com> | 2020-03-22 15:53:07 +0100 |
---|---|---|
committer | Emile <hanemile@protonmail.com> | 2020-03-22 15:53:07 +0100 |
commit | 54f3f82de310075a3419462dc18c098a57585d31 (patch) | |
tree | 40c83a8eafc43045dfccb0e9b67c15f9af7736b9 /src | |
parent | 2d73776198cbda37c95cd8b50f735d2b59cb5a45 (diff) |
hash and salt (could be a doom soundtrack)
Diffstat (limited to 'src')
-rw-r--r-- | src/http/http.go | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/http/http.go b/src/http/http.go index 7f4eb60..d124480 100644 --- a/src/http/http.go +++ b/src/http/http.go @@ -227,6 +227,18 @@ func pathHandler(w http.ResponseWriter, r *http.Request) { fileCount++ } + // Hash the file using the salt defined in the config making is + // possible to give the file to the /view handler without an + // interception being possible. + // The salted file name is hashed again on the reciever side + // making sure that the file to be downloaded is really the file + // specified. + // Overall: this makes sure that only we can provide files that + // can be downloaded + salted := fmt.Sprintf("%s%s", url, viper.GetString("hash.salt")) + hash := fmt.Sprintf("%x", sha256.Sum256([]byte(salted))) + item.SaltedHash = hash + items = append(items, item) } |