zoriya/flood
1
0
Fork 0
mirror of https://github.com/zoriya/flood.git synced 2026-06-05 03:39:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

server: torrents: handle no content and access denied cases in download

Browse Source
This commit is contained in:
Jesse Chan
2020-12-06 21:49:40 +08:00
parent 541b914002
commit f0b9ca4e2c
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/routes/api/torrents.ts
+7 -1
View File
@@ -541,7 +541,9 @@ router.get('/:hash/contents/:indices/data', (req, res) => {
if (!selectedTorrent) return res.status(404).json({error: 'Torrent not found.'}); if (!selectedTorrent) return res.status(404).json({error: 'Torrent not found.'});
return req.services?.clientGatewayService?.getTorrentContents(hash).then((contents) => { return req.services?.clientGatewayService?.getTorrentContents(hash).then((contents) => {
if (!contents) return res.status(404).json({error: 'Torrent contents not found'}); if (!contents || contents.length < 1) {
return res.status(404).json({error: 'Torrent contents not found'});
}
let indices: Array<number>; let indices: Array<number>;
if (!stringIndices || stringIndices === 'all') { if (!stringIndices || stringIndices === 'all') {
@@ -557,6 +559,10 @@ router.get('/:hash/contents/:indices/data', (req, res) => {
}) })
.filter((filePath) => isAllowedPath(filePath)); .filter((filePath) => isAllowedPath(filePath));
if (filePathsToDownload.length < 1) {
return res.status(403).json(accessDeniedError());
}
if (filePathsToDownload.length === 1) { if (filePathsToDownload.length === 1) {
const file = filePathsToDownload[0]; const file = filePathsToDownload[0];
if (!fs.existsSync(file)) return res.status(404).json({error: 'File not found.'}); if (!fs.existsSync(file)) return res.status(404).json({error: 'File not found.'});