2019-07-07 02:25:05 +00:00
|
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
|
|
package upload
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// ErrFileTypeForbidden not allowed file type error
|
|
|
|
|
type ErrFileTypeForbidden struct {
|
|
|
|
|
Type string
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// IsErrFileTypeForbidden checks if an error is a ErrFileTypeForbidden.
|
|
|
|
|
func IsErrFileTypeForbidden(err error) bool {
|
|
|
|
|
_, ok := err.(ErrFileTypeForbidden)
|
|
|
|
|
return ok
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (err ErrFileTypeForbidden) Error() string {
|
|
|
|
|
return fmt.Sprintf("File type is not allowed: %s", err.Type)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// VerifyAllowedContentType validates a file is allowed to be uploaded.
|
|
|
|
|
func VerifyAllowedContentType(buf []byte, allowedTypes []string) error {
|
|
|
|
|
fileType := http.DetectContentType(buf)
|
|
|
|
|
|
|
|
|
|
for _, t := range allowedTypes {
|
|
|
|
|
t := strings.Trim(t, " ")
|
|
|
|
|
|
2019-08-17 10:10:17 +00:00
|
|
|
if t == "*/*" || t == fileType ||
|
|
|
|
|
// Allow directives after type, like 'text/plain; charset=utf-8'
|
|
|
|
|
strings.HasPrefix(fileType, t+";") {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2019-07-07 02:25:05 +00:00
|
|
|
}
|
|
|
|
|
|
2019-08-17 10:10:17 +00:00
|
|
|
log.Info("Attachment with type %s blocked from upload", fileType)
|
|
|
|
|
return ErrFileTypeForbidden{Type: fileType}
|
2019-07-07 02:25:05 +00:00
|
|
|
}
|
