oci/zeronet
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow only content.json update

Browse source
This commit is contained in:
HelloZeroNet 2016-04-20 23:35:51 +02:00
parent 73c69d54bc
commit c7b8ec5667
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/File/FileRequest.py
View file

@ -91,6 +91,9 @@ class FileRequest(object):
site.settings["size"] = site.content_manager.getTotalSize() # Update site size site.settings["size"] = site.content_manager.getTotalSize() # Update site size
buff = StringIO(params["body"]) buff = StringIO(params["body"])
valid = site.content_manager.verifyFile(params["inner_path"], buff) valid = site.content_manager.verifyFile(params["inner_path"], buff)
if not params["inner_path"].endswith("content.json"):
self.response({"error": "Only content.json update allowed"})
return
if valid is True: # Valid and changed if valid is True: # Valid and changed
self.log.info("Update for %s looks valid, saving..." % params["inner_path"]) self.log.info("Update for %s looks valid, saving..." % params["inner_path"])
buff.seek(0) buff.seek(0)