welll fuck me
Cette révision appartient à :
ayame-git
Parent
42c79c2794
révision
ac6f4f82fb
3 fichiers modifiés avec 12 ajouts et 8 suppressions
|
|
@ -97,7 +97,7 @@ func ApiViewHandler(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
func ApiUploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if config.UploadsDisabled {
|
||||
http.Error(w, "Error uploads are disabled", http.StatusInternalServerError)
|
||||
http.Error(w, "Error uploads are disabled", http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
@ -105,7 +105,7 @@ func ApiUploadHandler(w http.ResponseWriter, r *http.Request) {
|
|||
user := model.User{}
|
||||
db.ORM.Where("api_token = ?", token).First(&user) //i don't like this
|
||||
if user.ID == 0 {
|
||||
http.Error(w, apiService.ErrApiKey.Error(), http.StatusForbidden)
|
||||
http.Error(w, apiService.ErrApiKey.Error(), http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -166,8 +166,9 @@ func (f *UploadForm) ExtractInfo(r *http.Request) error {
|
|||
if !strings.HasPrefix(exactTopic, "urn:btih:") {
|
||||
return metainfo.ErrInvalidTorrentFile
|
||||
}
|
||||
f.Infohash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
|
||||
matched, err := regexp.MatchString("^[0-9A-F]{40}$", f.Infohash)
|
||||
exactTopic = strings.SplitAfter(exactTopic, ":")[2]
|
||||
f.InfoHash = strings.ToUpper(strings.Split(exactTopic, "&")[0])
|
||||
matched, err := regexp.MatchString("^[0-9A-Z]+$", f.Infohash) //ffuuuuuuck
|
||||
if err != nil || !matched {
|
||||
return metainfo.ErrInvalidTorrentFile
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,6 +3,7 @@ package apiService
|
|||
import (
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
|
|
@ -92,16 +93,18 @@ func validateMagnet(r *TorrentRequest) (error, int) {
|
|||
return err, http.StatusInternalServerError
|
||||
}
|
||||
exactTopic := magnetUrl.Query().Get("xt")
|
||||
fmt.Println(exactTopic)
|
||||
if !strings.HasPrefix(exactTopic, "urn:btih:") {
|
||||
return ErrMagnet, http.StatusNotAcceptable
|
||||
}
|
||||
r.Hash = strings.ToUpper(strings.TrimPrefix(exactTopic, "urn:btih:"))
|
||||
exactTopic = strings.SplitAfter(exactTopic, ":")[2]
|
||||
r.Hash = strings.ToUpper(strings.Split(exactTopic, "&")[0])
|
||||
return nil, http.StatusOK
|
||||
}
|
||||
|
||||
func validateHash(r *TorrentRequest) (error, int) {
|
||||
r.Hash = strings.ToUpper(r.Hash)
|
||||
matched, err := regexp.MatchString("^[0-9A-F]{40}$", r.Hash)
|
||||
matched, err := regexp.MatchString("^[0-9A-Z]+$", r.Hash) //fucking garbage
|
||||
if err != nil {
|
||||
return err, http.StatusInternalServerError
|
||||
}
|
||||
|
|
@ -146,11 +149,11 @@ func (r *TorrentRequest) ValidateMultipartUpload(req *http.Request) (int64, erro
|
|||
}
|
||||
// check a few things
|
||||
if torrent.IsPrivate() {
|
||||
return 0, errors.New("private torrents not allowed"), http.StatusBadRequest
|
||||
return 0, errors.New("private torrents not allowed"), http.StatusNotAcceptable
|
||||
}
|
||||
trackers := torrent.GetAllAnnounceURLS()
|
||||
if !uploadService.CheckTrackers(trackers) {
|
||||
return 0, errors.New("tracker(s) not allowed"), http.StatusBadRequest
|
||||
return 0, errors.New("tracker(s) not allowed"), http.StatusNotAcceptable
|
||||
}
|
||||
if r.Name == "" {
|
||||
r.Name = torrent.TorrentName()
|
||||
|
|
|
|||
Référencer dans un nouveau ticket