diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/http/http.go | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/http/http.go b/src/http/http.go index 7f4eb60..d124480 100644 --- a/src/http/http.go +++ b/src/http/http.go @@ -227,6 +227,18 @@ func pathHandler(w http.ResponseWriter, r *http.Request) { fileCount++ } + // Hash the file using the salt defined in the config making is + // possible to give the file to the /view handler without an + // interception being possible. + // The salted file name is hashed again on the reciever side + // making sure that the file to be downloaded is really the file + // specified. + // Overall: this makes sure that only we can provide files that + // can be downloaded + salted := fmt.Sprintf("%s%s", url, viper.GetString("hash.salt")) + hash := fmt.Sprintf("%x", sha256.Sum256([]byte(salted))) + item.SaltedHash = hash + items = append(items, item) } |