API: Improve request parameter sanitation #1814

Michael Mayer
2021-12-14 18:34:52 +01:00
parent 9a8144c046
commit 4e94919030
34 changed files with 338 additions and 115 deletions


@@ -3,16 +3,16 @@ package api
import (
"net/http"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/internal/entity"
"github.com/photoprism/photoprism/internal/service"
"github.com/photoprism/photoprism/internal/photoprism"
"github.com/photoprism/photoprism/internal/query"
"github.com/photoprism/photoprism/pkg/fs"
"github.com/photoprism/photoprism/pkg/txt"
"github.com/photoprism/photoprism/internal/service"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/pkg/fs"
"github.com/photoprism/photoprism/pkg/sanitize"
"github.com/photoprism/photoprism/pkg/txt"
)
// TODO: GET /api/v1/dl/file/:hash
@@ -44,7 +44,7 @@ func GetDownload(router *gin.RouterGroup) {
return
}
fileHash := c.Param("hash")
fileHash := sanitize.Token(c.Param("hash"))
f, err := query.FileByHash(fileHash)