Merge pull request 'html.c: Don't let public get into timeline.html_' (#67) from yonle/snac2:master into master

Reviewed-on: https://codeberg.org/grunfink/snac2/pulls/67
author: grunfink <grunfink@noreply.codeberg.org> 2023-07-14 05:23:44 +0000
committer: grunfink <grunfink@noreply.codeberg.org> 2023-07-14 05:23:44 +0000
commit: 510bd60cdfd976d4493527faeb22a1d4c3328cc6 (patch)
tree: 72702744a00dbd30cf12aef664b419d90501058b /html.c
parent: 4ab22b2c14cd0a94b05488d247b5669922415f5e (diff)
parent: 77f5b51126a22aac0f44f19a85ad47fa0b841361 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/html.c b/html.c
index 5598a4f..ef1374c 100644
--- a/html.c
+++ b/html.c
@@ -1843,7 +1843,11 @@ int html_get_handler(const xs_dict *req, const char *q_path,
         xs *l    = xs_split(p_path, "/");
         char *id = xs_list_get(l, 1);
 
-        if ((*body = history_get(&snac, id)) != NULL) {
+        if (xs_endswith(id, "timeline.html_")) {
+            // Don't let them in.
+            *b_size = 0;
+            status = 404;
+        } else if ((*body = history_get(&snac, id)) != NULL) {
             *b_size = strlen(*body);
             status  = 200;
         }
author	grunfink <grunfink@noreply.codeberg.org>	2023-07-14 05:23:44 +0000
committer	grunfink <grunfink@noreply.codeberg.org>	2023-07-14 05:23:44 +0000
commit	510bd60cdfd976d4493527faeb22a1d4c3328cc6 (patch)
tree	72702744a00dbd30cf12aef664b419d90501058b /html.c
parent	4ab22b2c14cd0a94b05488d247b5669922415f5e (diff)
parent	77f5b51126a22aac0f44f19a85ad47fa0b841361 (diff)