indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Reject attempts to get python files

main
Bob Mottram 2025-05-19 11:23:23 +01:00
parent d37fcf9e2f
commit 59243e9b58
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
daemon_get.py
View File

@ -311,6 +311,12 @@ def daemon_http_get(self) -> None:
http_404(self, 145)
return
# py
if self.path.endswith('.py'):
print('GET HTTP Attempt to access Python file ' + self.path)
http_404(self, 146)
return
if contains_invalid_chars(str(self.headers)):
print('GET HTTP headers contain invalid characters ' +
str(self.headers))

6
daemon_post.py
View File

@ -122,6 +122,12 @@ def daemon_http_post(self) -> None:
http_404(self, 146)
return
# py
if self.path.endswith('.py'):
print('POST HTTP Attempt to access Python file ' + self.path)
http_404(self, 146)
return
calling_domain = self.server.domain_full
if self.headers.get('Host'):
calling_domain = decoded_host(self.headers['Host'])