Home Explore Help
Sign In
riff
/
audiogram
Watch 2
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Commits 108 Releases 1 Wiki
Browse Source

Limit routes

Noah 8 years ago
parent
f9977c96c1
commit
642cbecd3e
1 changed files with 4 additions and 4 deletions
Split View Show Diff Stats
  1. 4 4
      server/index.js

+ 4 - 4
server/index.js View File 

@@ -66,12 +66,12 @@ app.get("/status/:id/", status);
66 66 
 // Serve background images and themes JSON statically
67 67 
 app.use("/settings/", function(req, res, next) {
68 68
69 
-  // Keep server settings off limits
70 
-  if (req.url.match(/\.js$/i)) {
71 
-    return res.status(404).send("Cannot GET " + path.join("/settings", req.url));
69 
+  // Limit to themes.json and bg images
70 
+  if (req.url.match(/^\/?themes.json$/i) || req.url.match(/^\/?backgrounds\/[^/]+$/i)) {
71 
+    return next();
72 72 
   }
73 73
74 
-  next();
74 
+  return res.status(404).send("Cannot GET " + path.join("/settings", req.url));
75 75
76 76 
 }, express.static(path.join(__dirname, "..", "settings")));
77 77