mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-26 04:13:30 +03:00
9d114c7fa6
closes #942 - insert custom middleware to check for blacklisted files - redirect to express.static if file accepted - if not valid return next() to do nothing - currently black listing .hbs, .txt, .md and .json - debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting a theme serve unknown types
32 lines
819 B
JavaScript
32 lines
819 B
JavaScript
|
|
var _ = require('underscore'),
|
|
express = require('express'),
|
|
path = require('path');
|
|
|
|
function isBlackListedFileType(file) {
|
|
var blackListedFileTypes = ['.hbs', '.md', '.txt', '.json'],
|
|
ext = path.extname(file);
|
|
return _.contains(blackListedFileTypes, ext);
|
|
}
|
|
|
|
var middleware = {
|
|
|
|
staticTheme: function (g) {
|
|
var ghost = g;
|
|
return function blackListStatic(req, res, next) {
|
|
if (isBlackListedFileType(req.url)) {
|
|
return next();
|
|
}
|
|
|
|
return middleware.forwardToExpressStatic(ghost, req, res, next);
|
|
};
|
|
},
|
|
|
|
// to allow unit testing
|
|
forwardToExpressStatic: function (ghost, req, res, next) {
|
|
return express['static'](ghost.paths().activeTheme)(req, res, next);
|
|
}
|
|
};
|
|
|
|
module.exports = middleware;
|