html.c: Don't let public get into timeline.html_

Signed-off-by: Yonle <yonle@lecturify.net>
author: Yonle <yonle@lecturify.net> 2023-07-14 11:59:31 +0700
committer: Yonle <yonle@lecturify.net> 2023-07-14 11:59:31 +0700
commit: 77f5b51126a22aac0f44f19a85ad47fa0b841361 (patch)
tree: 72702744a00dbd30cf12aef664b419d90501058b /html.c
parent: 4ab22b2c14cd0a94b05488d247b5669922415f5e (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/html.c b/html.c
index 5598a4f..ef1374c 100644
--- a/html.c
+++ b/html.c
@@ -1843,7 +1843,11 @@ int html_get_handler(const xs_dict *req, const char *q_path,
         xs *l    = xs_split(p_path, "/");
         char *id = xs_list_get(l, 1);
 
-        if ((*body = history_get(&snac, id)) != NULL) {
+        if (xs_endswith(id, "timeline.html_")) {
+            // Don't let them in.
+            *b_size = 0;
+            status = 404;
+        } else if ((*body = history_get(&snac, id)) != NULL) {
             *b_size = strlen(*body);
             status  = 200;
         }
author	Yonle <yonle@lecturify.net>	2023-07-14 11:59:31 +0700
committer	Yonle <yonle@lecturify.net>	2023-07-14 11:59:31 +0700
commit	77f5b51126a22aac0f44f19a85ad47fa0b841361 (patch)
tree	72702744a00dbd30cf12aef664b419d90501058b /html.c
parent	4ab22b2c14cd0a94b05488d247b5669922415f5e (diff)