diff options
author | Chocobozzz <florian.bigard@gmail.com> | 2016-11-14 22:56:40 +0100 |
---|---|---|
committer | Chocobozzz <florian.bigard@gmail.com> | 2016-11-16 20:29:26 +0100 |
commit | 73ce7f96762de2238ff998cf1896df6e5cbf0973 (patch) | |
tree | 3bde53399e0c38feb69c86e17d85e6cdfefad164 | |
parent | 2550fab35e0113264369f9637e1bea169efdfc8f (diff) | |
download | PeerTube-73ce7f96762de2238ff998cf1896df6e5cbf0973.tar.gz PeerTube-73ce7f96762de2238ff998cf1896df6e5cbf0973.tar.zst PeerTube-73ce7f96762de2238ff998cf1896df6e5cbf0973.zip |
Server: don't be rude when serving unknown video in watch html file
-rw-r--r-- | server/controllers/client.js | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/server/controllers/client.js b/server/controllers/client.js index 68ddfccf2..e3251d7e9 100644 --- a/server/controllers/client.js +++ b/server/controllers/client.js | |||
@@ -5,11 +5,9 @@ const express = require('express') | |||
5 | const fs = require('fs') | 5 | const fs = require('fs') |
6 | const mongoose = require('mongoose') | 6 | const mongoose = require('mongoose') |
7 | const path = require('path') | 7 | const path = require('path') |
8 | const validator = require('express-validator').validator | ||
8 | 9 | ||
9 | const constants = require('../initializers/constants') | 10 | const constants = require('../initializers/constants') |
10 | const middlewares = require('../middlewares') | ||
11 | const validators = middlewares.validators | ||
12 | const validatorsVideos = validators.videos | ||
13 | 11 | ||
14 | const Video = mongoose.model('Video') | 12 | const Video = mongoose.model('Video') |
15 | const router = express.Router() | 13 | const router = express.Router() |
@@ -20,7 +18,7 @@ const indexPath = path.join(__dirname, '../../client/dist/index.html') | |||
20 | 18 | ||
21 | // Special route that add OpenGraph tags | 19 | // Special route that add OpenGraph tags |
22 | // Do not use a template engine for a so little thing | 20 | // Do not use a template engine for a so little thing |
23 | router.use('/videos/watch/:id', validatorsVideos.videosGet, generateWatchHtmlPage) | 21 | router.use('/videos/watch/:id', generateWatchHtmlPage) |
24 | 22 | ||
25 | router.use('/videos/embed', function (req, res, next) { | 23 | router.use('/videos/embed', function (req, res, next) { |
26 | res.sendFile(embedPath) | 24 | res.sendFile(embedPath) |
@@ -76,13 +74,18 @@ function addOpenGraphTags (htmlStringPage, video) { | |||
76 | } | 74 | } |
77 | 75 | ||
78 | function generateWatchHtmlPage (req, res, next) { | 76 | function generateWatchHtmlPage (req, res, next) { |
77 | const videoId = req.params.id | ||
78 | |||
79 | // Let Angular application handle errors | ||
80 | if (!validator.isMongoId(videoId)) return res.sendFile(indexPath) | ||
81 | |||
79 | parallel({ | 82 | parallel({ |
80 | file: function (callback) { | 83 | file: function (callback) { |
81 | fs.readFile(indexPath, callback) | 84 | fs.readFile(indexPath, callback) |
82 | }, | 85 | }, |
83 | 86 | ||
84 | video: function (callback) { | 87 | video: function (callback) { |
85 | Video.load(req.params.id, callback) | 88 | Video.load(videoId, callback) |
86 | } | 89 | } |
87 | }, function (err, results) { | 90 | }, function (err, results) { |
88 | if (err) return next(err) | 91 | if (err) return next(err) |
@@ -90,6 +93,9 @@ function generateWatchHtmlPage (req, res, next) { | |||
90 | const html = results.file.toString() | 93 | const html = results.file.toString() |
91 | const video = results.video | 94 | const video = results.video |
92 | 95 | ||
96 | // Let Angular application handle errors | ||
97 | if (!video) return res.sendFile(indexPath) | ||
98 | |||
93 | const htmlStringPageWithTags = addOpenGraphTags(html, video) | 99 | const htmlStringPageWithTags = addOpenGraphTags(html, video) |
94 | res.set('Content-Type', 'text/html; charset=UTF-8').send(htmlStringPageWithTags) | 100 | res.set('Content-Type', 'text/html; charset=UTF-8').send(htmlStringPageWithTags) |
95 | }) | 101 | }) |