kamp/pingvin-share
1
0
Fork 0
mirror of https://github.com/stonith404/pingvin-share.git synced 2024-11-18 21:30:12 +01:00
Code

fix: disable js execution on raw file view

Browse Source
This commit is contained in:
Elias Schneider 2024-04-05 11:37:47 +02:00
parent 24e100bd7b
commit 9d1a12b0d1
No known key found for this signature in database
GPG Key ID: 07E623B294202B6C
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
backend/src/file/file.controller.ts
View File

@ -26,7 +26,13 @@ export class FileController {
@SkipThrottle() @SkipThrottle()
@UseGuards(CreateShareGuard, ShareOwnerGuard) @UseGuards(CreateShareGuard, ShareOwnerGuard)
async create( async create(
@Query() query: any, @Query()
query: {
id: string;
name: string;
chunkIndex: string;
totalChunks: string;
},
@Body() body: string, @Body() body: string,
@Param("shareId") shareId: string, @Param("shareId") shareId: string,
) { ) {
@ -69,6 +75,7 @@ export class FileController {
const headers = { const headers = {
"Content-Type": file.metaData.mimeType, "Content-Type": file.metaData.mimeType,
"Content-Length": file.metaData.size, "Content-Length": file.metaData.size,
"Content-Security-Policy": "script-src 'none'",
}; };
if (download === "true") { if (download === "true") {