36 lines
1.1 KiB
Go
36 lines
1.1 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"os"
|
|
"path"
|
|
"strings"
|
|
|
|
"golang.org/x/net/webdav"
|
|
)
|
|
|
|
// errImagesOnly is returned when upload is rejected by image-only filter.
|
|
var errImagesOnly = errors.New("webdav: only image and SVG files allowed (.svg, .png, .jpg, .jpeg, .gif, .webp, .ico, .bmp, .avif)")
|
|
|
|
// allowedImageExtensions are the only extensions permitted for upload when images-only mode is on.
|
|
var allowedImageExtensions = map[string]bool{
|
|
".svg": true, ".png": true, ".jpg": true, ".jpeg": true,
|
|
".gif": true, ".webp": true, ".ico": true, ".bmp": true, ".avif": true,
|
|
}
|
|
|
|
// imageOnlyFS wraps a webdav.FileSystem and rejects PUT/copy of files that are not images or SVG.
|
|
type imageOnlyFS struct {
|
|
webdav.FileSystem
|
|
}
|
|
|
|
func (f *imageOnlyFS) OpenFile(ctx context.Context, name string, flags int, perm os.FileMode) (webdav.File, error) {
|
|
if flags&(os.O_CREATE|os.O_WRONLY|os.O_RDWR) != 0 {
|
|
ext := strings.ToLower(path.Ext(path.Clean(name)))
|
|
if ext == "" || !allowedImageExtensions[ext] {
|
|
return nil, errImagesOnly
|
|
}
|
|
}
|
|
return f.FileSystem.OpenFile(ctx, name, flags, perm)
|
|
}
|