Harden web/download pipeline and split handler modules
Replace shell-based downloader execution with validated arguments, enforce request hardening and safer defaults, and refactor handlers/router/state so job control is safer and easier to maintain.
This commit is contained in:
30
src/handlers_common.go
Normal file
30
src/handlers_common.go
Normal file
@@ -0,0 +1,30 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"regexp"
|
||||
"strings"
|
||||
)
|
||||
|
||||
type ProgressInfo struct {
|
||||
Percentage float64
|
||||
CurrentFile string
|
||||
Paused bool
|
||||
Status string
|
||||
}
|
||||
|
||||
var speedLimitRegex = regexp.MustCompile(`^([1-9]\d*(\.\d+)?)(KBps|MBps|GBps)$`)
|
||||
|
||||
func withToken(path string) string {
|
||||
token := strings.TrimSpace(config.Security.AuthToken)
|
||||
if token == "" {
|
||||
return path
|
||||
}
|
||||
|
||||
separator := "?"
|
||||
if strings.Contains(path, "?") {
|
||||
separator = "&"
|
||||
}
|
||||
|
||||
return path + separator + "token=" + url.QueryEscape(token)
|
||||
}
|
||||
Reference in New Issue
Block a user