saret/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-09-10 10:45:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fixed icons and updated web-vault

Browse Source
This commit is contained in:
Daniel García
2018-02-17 18:48:42 +01:00
parent d5486670d8
commit 0e644d2711
7 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/api/icons.rs
View File

@@ -16,9 +16,11 @@ pub fn routes() -> Vec<Route> {
#[get("/<domain>/icon.png")]
fn icon(domain: String) -> Content<Vec<u8>> {
let icon_type = ContentType::new("image", "x-icon");
// Validate the domain to avoid directory traversal attacks
if domain.contains("/") || domain.contains("..") {
return Content(ContentType::PNG, get_fallback_icon());
return Content(icon_type, get_fallback_icon());
}
let url = format!("https://icons.bitwarden.com/{}/icon.png", domain);
@@ -26,10 +28,10 @@ fn icon(domain: String) -> Content<Vec<u8>> {
// Get the icon, or fallback in case of error
let icon = match get_icon_cached(&domain, &url) {
Ok(icon) => icon,
Err(_) => return Content(ContentType::PNG, get_fallback_icon())
Err(_) => return Content(icon_type, get_fallback_icon())
};
Content(ContentType::PNG, icon)
Content(icon_type, icon)
}
fn get_icon(url: &str) -> Result<Vec<u8>, reqwest::Error> {