diff options
| author | Russ Cox <rsc@golang.org> | 2021-11-17 23:19:04 -0500 |
|---|---|---|
| committer | Russ Cox <rsc@golang.org> | 2021-11-22 16:43:03 +0000 |
| commit | ceabbb96f3ea960c06beccce4dc2ffacba2e7ec4 (patch) | |
| tree | 8a8148b733690979098b23b304e48e497902ea07 /cmd/golangorg | |
| parent | 40c0eef09728d0b38f740dfe55031330800b1456 (diff) | |
| download | go-x-website-ceabbb96f3ea960c06beccce4dc2ffacba2e7ec4.tar.xz | |
cmd/golangorg: hide $GOROOT/*.md
We do not intend $GOROOT/README.md to be served
as go.dev/README, and so on. Worst of all, on Macs and Windows
(with case-insensitive file systems), SECURITY.md overrides
_content/security.html.
Change-Id: I4ac53508c34a4799aa4afd45db7e7e266e179936
Reviewed-on: https://go-review.googlesource.com/c/website/+/365098
Trust: Russ Cox <rsc@golang.org>
Reviewed-by: Jamal Carvalho <jamal@golang.org>
Diffstat (limited to 'cmd/golangorg')
| -rw-r--r-- | cmd/golangorg/server.go | 18 | ||||
| -rw-r--r-- | cmd/golangorg/testdata/godev.txt | 11 |
2 files changed, 28 insertions, 1 deletions
diff --git a/cmd/golangorg/server.go b/cmd/golangorg/server.go index eec03c54..86876da5 100644 --- a/cmd/golangorg/server.go +++ b/cmd/golangorg/server.go @@ -244,7 +244,7 @@ func playHandler(site *web.Site) http.Handler { // and registers it in mux to handle requests for host. // If host is the empty string, the registrations are for the wildcard host. func newSite(mux *http.ServeMux, host string, content, goroot fs.FS) (*web.Site, error) { - fsys := unionFS{content, &fixSpecsFS{goroot}} + fsys := unionFS{content, &hideRootMDFS{&fixSpecsFS{goroot}}} site := web.NewSite(fsys) site.Funcs(template.FuncMap{ "googleAnalytics": func() string { return googleAnalytics }, @@ -653,6 +653,22 @@ func (fsys fixSpecsFS) Open(name string) (fs.File, error) { return fsys.fs.Open(name) } +// A hideRootMDFS is an FS that hides *.md files in the root directory. +// We use this to hide the Go repository's CONTRIBUTING.md, +// README.md, and SECURITY.md. The last is particularly problematic +// when running locally on a Mac, because it can be opened as +// security.md, which takes priority over _content/security.html. +type hideRootMDFS struct { + fs fs.FS +} + +func (fsys hideRootMDFS) Open(name string) (fs.File, error) { + if !strings.Contains(name, "/") && strings.HasSuffix(name, ".md") { + return nil, errors.New(".md file not available") + } + return fsys.fs.Open(name) +} + // A seekableFS is an FS wrapper that makes every file seekable // by reading it entirely into memory when it is opened and then // serving read operations (including seek) from the memory copy. diff --git a/cmd/golangorg/testdata/godev.txt b/cmd/golangorg/testdata/godev.txt index 5ea8d15e..64c0e2be 100644 --- a/cmd/golangorg/testdata/godev.txt +++ b/cmd/golangorg/testdata/godev.txt @@ -46,3 +46,14 @@ body contains Sorry, but shared playground snippets are not visible in China. body !contains The Go Playground body !contains About the Playground +# These $GOROOT/*.md files should not serve. +GET https://go.dev/CONTRIBUTING +code == 404 + +GET https://go.dev/README +code == 404 + +# $GOROOT/SECURITY.md should not serve either, +# but on a case-insensitive file system, +# https://go.dev/SECURITY is served from _content/security.html, +# so we can't assert a 404. |