summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/ninjacloud.go8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/ninjacloud.go b/src/ninjacloud.go
index 3e1f3e3..c3e5322 100644
--- a/src/ninjacloud.go
+++ b/src/ninjacloud.go
@@ -285,7 +285,9 @@ func listDir(path string, recursive bool, filter []string, returnType string) (l
285func fileHandler(w http.ResponseWriter, r *http.Request) { 285func fileHandler(w http.ResponseWriter, r *http.Request) {
286 w.Header().Add("Cache-Control", "no-cache") 286 w.Header().Add("Cache-Control", "no-cache")
287 p := filepath.Clean(r.URL.Path[filePathLen:]) 287 p := filepath.Clean(r.URL.Path[filePathLen:])
288 p = strings.TrimLeft(p, driveName+"/") 288 p = strings.TrimLeft(p, driveName)
289 p = strings.TrimLeft(p, "/")
290 p = strings.TrimLeft(p, "\\")
289 if filepath.IsAbs(p) { 291 if filepath.IsAbs(p) {
290 w.WriteHeader(http.StatusForbidden) 292 w.WriteHeader(http.StatusForbidden)
291 return 293 return
@@ -465,7 +467,9 @@ func fileHandler(w http.ResponseWriter, r *http.Request) {
465func dirHandler(w http.ResponseWriter, r *http.Request) { 467func dirHandler(w http.ResponseWriter, r *http.Request) {
466 w.Header().Add("Cache-Control", "no-cache") 468 w.Header().Add("Cache-Control", "no-cache")
467 p := filepath.Clean(r.URL.Path[dirPathLen:]) 469 p := filepath.Clean(r.URL.Path[dirPathLen:])
468 p = strings.TrimLeft(p, driveName+"/") 470 p = strings.TrimLeft(p, driveName)
471 p = strings.TrimLeft(p, "/")
472 p = strings.TrimLeft(p, "\\")
469 if filepath.IsAbs(p) { 473 if filepath.IsAbs(p) {
470 w.WriteHeader(http.StatusForbidden) 474 w.WriteHeader(http.StatusForbidden)
471 return 475 return