File tree Expand file tree Collapse file tree 1 file changed +7
-4
lines changed
BlueMapCommon/src/main/java/de/bluecolored/bluemap/common/web Expand file tree Collapse file tree 1 file changed +7
-4
lines changed Original file line number Diff line number Diff line change @@ -51,13 +51,11 @@ public FileRequestHandler(Path webRoot) {
5151 @ Override
5252 public HttpResponse handle (HttpRequest request ) {
5353 if (
54- !request .getMethod ().equalsIgnoreCase ("GET" ) &&
55- !request .getMethod ().equalsIgnoreCase ("POST" )
56- ) return new HttpResponse (HttpStatusCode .NOT_IMPLEMENTED );
54+ !request .getMethod ().equalsIgnoreCase ("GET" )
55+ ) return new HttpResponse (HttpStatusCode .BAD_REQUEST );
5756
5857 HttpResponse response = generateResponse (request );
5958
60-
6159 return response ;
6260 }
6361
@@ -103,6 +101,11 @@ private HttpResponse generateResponse(HttpRequest request) {
103101 return new HttpResponse (HttpStatusCode .NOT_FOUND );
104102 }
105103
104+ // don't send php files
105+ if (file .getName ().endsWith (".php" )) {
106+ return new HttpResponse (HttpStatusCode .FORBIDDEN );
107+ }
108+
106109 // check if file is still in web-root and is not a directory
107110 if (!file .toPath ().normalize ().startsWith (webRoot ) || file .isDirectory ()){
108111 return new HttpResponse (HttpStatusCode .FORBIDDEN );
You can’t perform that action at this time.
0 commit comments