server: add readonly mode to block uploads

This commit is contained in:
mappu 2023-05-17 19:08:24 +12:00
parent e26a3b58b0
commit 64b900d90c
3 changed files with 8 additions and 0 deletions

View File

@ -37,6 +37,7 @@ type ServerOptions struct {
BandwidthLimit int64 BandwidthLimit int64
TrustXForwardedFor bool TrustXForwardedFor bool
EnableHomepage bool EnableHomepage bool
EnableUpload bool
MaxConcurrentThumbs int MaxConcurrentThumbs int
ServerPublicProperties ServerPublicProperties
} }

View File

@ -20,6 +20,7 @@ func main() {
maxUploadSpeed := flag.Int("speed", 0, "Maximum upload speed in bytes/sec (set zero for unlimited)") maxUploadSpeed := flag.Int("speed", 0, "Maximum upload speed in bytes/sec (set zero for unlimited)")
trustXForwardedFor := flag.Bool("trustXForwardedFor", false, "Trust X-Forwarded-For reverse proxy headers") trustXForwardedFor := flag.Bool("trustXForwardedFor", false, "Trust X-Forwarded-For reverse proxy headers")
enableHomepage := flag.Bool("enableHomepage", true, "Enable homepage (disable for embedded use only)") enableHomepage := flag.Bool("enableHomepage", true, "Enable homepage (disable for embedded use only)")
enableUpload := flag.Bool("enableUpload", true, "Enable uploads (disable for read-only mode)")
diskFilesWorldReadable := flag.Bool("diskFilesWorldReadable", false, "Save files as 0644 instead of 0600") diskFilesWorldReadable := flag.Bool("diskFilesWorldReadable", false, "Save files as 0644 instead of 0600")
maxConcurrentThumbs := flag.Int("concurrentthumbs", contented.DEFAULT_MAX_CONCURRENT_THUMBS, "Simultaneous thumbnail generation") maxConcurrentThumbs := flag.Int("concurrentthumbs", contented.DEFAULT_MAX_CONCURRENT_THUMBS, "Simultaneous thumbnail generation")
@ -31,6 +32,7 @@ func main() {
BandwidthLimit: int64(*maxUploadSpeed), BandwidthLimit: int64(*maxUploadSpeed),
TrustXForwardedFor: *trustXForwardedFor, TrustXForwardedFor: *trustXForwardedFor,
EnableHomepage: *enableHomepage, EnableHomepage: *enableHomepage,
EnableUpload: *enableUpload,
DiskFilesWorldReadable: *diskFilesWorldReadable, DiskFilesWorldReadable: *diskFilesWorldReadable,
MaxConcurrentThumbs: *maxConcurrentThumbs, MaxConcurrentThumbs: *maxConcurrentThumbs,
ServerPublicProperties: contented.ServerPublicProperties{ ServerPublicProperties: contented.ServerPublicProperties{

View File

@ -18,6 +18,11 @@ import (
func (this *Server) handleUpload(w http.ResponseWriter, r *http.Request) { func (this *Server) handleUpload(w http.ResponseWriter, r *http.Request) {
if !this.opts.EnableUpload {
http.Error(w, "Server is read-only", 403)
return
}
remoteIP := this.remoteIP(r) remoteIP := this.remoteIP(r)
err := r.ParseMultipartForm(0) // buffer upload in temporary files on disk, not memory err := r.ParseMultipartForm(0) // buffer upload in temporary files on disk, not memory