about summary refs log tree commit diff
path: root/src
diff options
context:
space:
mode:
authorEmile <hanemile@protonmail.com>2020-03-22 15:51:08 +0100
committerEmile <hanemile@protonmail.com>2020-03-22 15:51:08 +0100
commitd532f73360bf4a7c347cd9a3a7427f6551496c4f (patch)
treeb40aa0d123a4784a57db4857072a55ab2a4bb2c5 /src
parenta70d99a893dad259309773091f85c8321648228d (diff)
cleand the download query catcher
Diffstat (limited to 'src')
-rw-r--r--src/http/http.go10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/http/http.go b/src/http/http.go
index dc23037..5593969 100644
--- a/src/http/http.go
+++ b/src/http/http.go
@@ -136,9 +136,13 @@ func pathHandler(w http.ResponseWriter, r *http.Request) {
 	if query["download"] != nil {
 
 		// strip the file before and after the request
-		strippedFile := strings.Replace(requestURI, root, "", -1)
-		strippedFile = strings.Replace(strippedFile, "?download", "", -1)
-		path := fmt.Sprintf("/download?file=%s", strippedFile)
+		strippedFile := strings.Replace(requestPath, root, "", -1)
+
+		// base64 encode the file path
+		strippedFileBase64 := base64.StdEncoding.EncodeToString([]byte(strippedFile))
+
+		// redirect to the /download handler with the file path and the salted hash
+		path := fmt.Sprintf("/download?file=%s&hash=%s", strippedFileBase64, query["hash"][0])
 		http.Redirect(w, r, path, http.StatusSeeOther)
 		return
 	}