Permalink
Browse files

return a different message if curl is used to GET /

  • Loading branch information...
tdjsnelling committed Jan 30, 2018
1 parent 5159c75 commit bb6f9b461e99651dae356ed02bc9bed7885577da
Showing with 15 additions and 1 deletion.
  1. +10 −1 index.js
  2. +1 −0 package.json
  3. +4 −0 public/index.html
View
@@ -7,6 +7,7 @@ var crypto = require('crypto');
var fs = require('fs');
var swig = require('swig');
var consolidate = require('consolidate');
var useragent = require('express-useragent');
var mongoose = require('mongoose');
var config = require('./config');
@@ -54,12 +55,20 @@ var upload = multer({ limits: { fileSize: maxFileSize }, storage: storage, fileF
var uploadFunc = upload.single('file');
app.use(express.urlencoded({ extended: true }));
app.use(useragent.express());
app.set('views', __dirname + '/public');
app.set('view engine', 'ejs');
app.engine('html', consolidate.swig);
var curlGet = '0x1.host\n\nupload: curl -F file=@yourfile.txt ' + rootUrl + '\nmax file size: ' + maxFileSize / (1024 * 1024) + ' MiB\nnot allowed: ' + doNotAllow + '\nfile persistence: ' + filePersistence + ' days \n';
app.get('/', (req, res) => {
res.render('index.html', { url: rootUrl, maxFileSize: maxFileSize / (1024 * 1024), doNotAllow: doNotAllow, filePersistence: filePersistence, abuseEmail: abuseEmail });
if (req.useragent.isCurl) {
res.send(curlGet);
}
else {
res.render('index.html', { url: rootUrl, maxFileSize: maxFileSize / (1024 * 1024), doNotAllow: doNotAllow, filePersistence: filePersistence, abuseEmail: abuseEmail });
}
});
app.post('/', (req, res) => {
View
@@ -11,6 +11,7 @@
"dependencies": {
"consolidate": "^0.15.0",
"express": "^4.16.2",
"express-useragent": "^1.0.8",
"mime-types": "^2.1.17",
"mongoose": "^5.0.2",
"multer": "^1.3.0",
View
@@ -26,9 +26,13 @@
<u>file persistence</u>: {{ filePersistence }} days
<u>clone and run your own instance</u>: https://github.com/tdjsnelling/0x1
<u>contact</u>: {{ abuseEmail }}
<u>privacy</u>: by default, this service logs original filenames and associated ip addresses.
this is only so users can request deletion of all their files etc.
</pre>
</body>
</html>

0 comments on commit bb6f9b4

Please sign in to comment.