summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/server/proxy/proxy-media.ts2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/server/proxy/proxy-media.ts b/src/server/proxy/proxy-media.ts
index e16665f6cd..4535a0fb5d 100644
--- a/src/server/proxy/proxy-media.ts
+++ b/src/server/proxy/proxy-media.ts
@@ -17,6 +17,8 @@ export async function proxyMedia(ctx: Koa.BaseContext) {
const [type, ext] = await detectMine(path);
+ if (!type.startsWith('image/')) throw 403;
+
let image: IImage;
if ('static' in ctx.query && ['image/png', 'image/gif'].includes(type)) {
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 20:06:11 +0000