From 67dda01fcb1fb3476eae9560d5c0404dc48c41f0 Mon Sep 17 00:00:00 2001
From: MeiMei <30769358+mei23@users.noreply.github.com>
Date: Fri, 14 Jun 2019 12:14:23 +0900
Subject: image以外はproxyしないように (#5051)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/server/proxy/proxy-media.ts | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'src/server')

diff --git a/src/server/proxy/proxy-media.ts b/src/server/proxy/proxy-media.ts
index e16665f6cd..4535a0fb5d 100644
--- a/src/server/proxy/proxy-media.ts
+++ b/src/server/proxy/proxy-media.ts
@@ -17,6 +17,8 @@ export async function proxyMedia(ctx: Koa.BaseContext) {
 
 		const [type, ext] = await detectMine(path);
 
+		if (!type.startsWith('image/')) throw 403;
+
 		let image: IImage;
 
 		if ('static' in ctx.query && ['image/png', 'image/gif'].includes(type)) {
-- 
cgit v1.2.3-freya