Do not accept “subdirectories” for public campsite types URL
For now, it ends with the UUID or 404.
This commit is contained in:
parent
852acaccc3
commit
6e7df4ca79
|
@ -28,25 +28,33 @@ type PublicHandler struct {
|
|||
|
||||
func (h *PublicHandler) Handler(user *auth.User, company *auth.Company, conn *database.Conn) http.Handler {
|
||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
var typeUuid string
|
||||
typeUuid, r.URL.Path = httplib.ShiftPath(r.URL.Path)
|
||||
|
||||
if !uuid.Valid(typeUuid) {
|
||||
http.NotFound(w, r)
|
||||
return
|
||||
}
|
||||
|
||||
var head string
|
||||
head, r.URL.Path = httplib.ShiftPath(r.URL.Path)
|
||||
|
||||
switch r.Method {
|
||||
case http.MethodGet:
|
||||
if !uuid.Valid(head) {
|
||||
http.NotFound(w, r)
|
||||
return
|
||||
switch head {
|
||||
case "":
|
||||
switch r.Method {
|
||||
case http.MethodGet:
|
||||
page, err := newPublicPage(r.Context(), company, conn, user.Locale, typeUuid)
|
||||
if database.ErrorIsNotFound(err) {
|
||||
http.NotFound(w, r)
|
||||
return
|
||||
} else if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
page.MustRender(w, r, user, company, conn)
|
||||
default:
|
||||
httplib.MethodNotAllowed(w, r, http.MethodGet)
|
||||
}
|
||||
page, err := newPublicPage(r.Context(), company, conn, user.Locale, head)
|
||||
if database.ErrorIsNotFound(err) {
|
||||
http.NotFound(w, r)
|
||||
return
|
||||
} else if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
page.MustRender(w, r, user, company, conn)
|
||||
default:
|
||||
httplib.MethodNotAllowed(w, r, http.MethodGet)
|
||||
http.NotFound(w, r)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue