Gitlink
/
forgeplus
Not watched
1
0
Fork 0
Code
Releases 16 Wiki evaluate Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain HPC
Browse Source

fixed get_file request.referer 防盗链

pull/346/head
xxq250 1 year ago
parent
d887eb5d41
commit
84a46a1042
1 changed files with 1 additions and 2 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -2
      app/controllers/attachments_controller.rb

+ 1
- 2
app/controllers/attachments_controller.rb View File

@@ -30,8 +30,7 @@ class AttachmentsController < ApplicationController


def get_file
Rails.logger.info("request.host===#{request.host}")
Rails.logger.info("request.referer===#{request.referer}")
tip_exception(403, "你没有权限访问") if request.host.present? && !request.referer.to_s.include?(request.host.to_s.gsub("www.",""))
normal_status(-1, "参数缺失") if params[:download_url].blank?
url = base_url.starts_with?("https:") ? params[:download_url].to_s.gsub("http:", "https:") : params[:download_url].to_s
md5_file = Digest::MD5.hexdigest(params[:download_url])


Write Preview
Loading…
Cancel
Save