1
0
mirror of https://github.com/stonith404/pingvin-share.git synced 2024-11-18 21:30:12 +01:00

fix: disable js execution on raw file view

This commit is contained in:
Elias Schneider 2024-04-05 11:37:47 +02:00
parent 24e100bd7b
commit 9d1a12b0d1
No known key found for this signature in database
GPG Key ID: 07E623B294202B6C

View File

@ -26,7 +26,13 @@ export class FileController {
@SkipThrottle()
@UseGuards(CreateShareGuard, ShareOwnerGuard)
async create(
@Query() query: any,
@Query()
query: {
id: string;
name: string;
chunkIndex: string;
totalChunks: string;
},
@Body() body: string,
@Param("shareId") shareId: string,
) {
@ -69,6 +75,7 @@ export class FileController {
const headers = {
"Content-Type": file.metaData.mimeType,
"Content-Length": file.metaData.size,
"Content-Security-Policy": "script-src 'none'",
};
if (download === "true") {