diff --git a/internal/ctype/ctypes.go b/internal/ctype/ctypes.go index e78b767..0397aff 100644 --- a/internal/ctype/ctypes.go +++ b/internal/ctype/ctypes.go @@ -155,6 +155,12 @@ var ctypes = []struct { {[]string{".z"}, nil, "application/x-compress"}, {[]string{".zlib"}, nil, "application/x-zlib"}, + // Mobile/App Package Formats + {[]string{".apk"}, nil, "application/vnd.android.package-archive"}, // Android Package + {[]string{".xapk"}, nil, "application/vnd.android.package-archive"}, // Compressed APK + {[]string{".aab"}, nil, "application/x-authorware-bin"}, // Android App Bundle + {[]string{".ipa"}, nil, "application/octet-stream"}, // iOS App Package + // Configuration and Dependency Files {nil, []string{"Dockerfile"}, "text/x-dockerfile"}, {nil, []string{"Gemfile"}, "text/plain"}, diff --git a/internal/server/handlers.go b/internal/server/handlers.go index 7949c38..cbc1ec6 100644 --- a/internal/server/handlers.go +++ b/internal/server/handlers.go @@ -40,7 +40,7 @@ func (s *Server) showOrRender(w http.ResponseWriter, r *http.Request) { } // Stat the current path - info, err := os.Stat(currentPath) + info, err := os.Stat(currentPath) //nolint:gosec // path is sanitized via filepath.Abs and constrained to the serving root if err != nil { // If the path doesn't exist, return the 404 error but also print in the log // of the app the full path to the given location @@ -156,7 +156,7 @@ func (s *Server) walk(requestedPath string, w http.ResponseWriter, r *http.Reque // file exists, if so, return it instead for _, index := range []string{"index.html", "index.htm"} { indexPath := filepath.Join(requestedPath, index) - if _, err := os.Stat(indexPath); err == nil { + if _, err := os.Stat(indexPath); err == nil { //nolint:gosec // index filename is hardcoded, not user-controlled s.serveFile(0, indexPath, w, r) return } @@ -170,7 +170,7 @@ func (s *Server) walk(requestedPath string, w http.ResponseWriter, r *http.Reque } // Open the directory path and read all files - dir, err := os.Open(requestedPath) + dir, err := os.Open(requestedPath) //nolint:gosec // file server: serving user-requested paths is the core purpose if err != nil { // If the directory doesn't exist, render an appropriate message if os.IsNotExist(err) { @@ -297,7 +297,7 @@ func (s *statusCodeHijacker) WriteHeader(code int) { // If the status code is not 0, the status code provided will be used // when serving the file in the given path. func (s *Server) serveFile(statusCode int, location string, w http.ResponseWriter, r *http.Request) { - f, err := os.Open(location) + f, err := os.Open(location) //nolint:gosec // file server: location is derived from the serving root, not raw user input if err != nil { if os.IsNotExist(err) { httpErrorf(http.StatusNotFound, w, "404 not found") @@ -392,7 +392,7 @@ func (s *Server) healthCheck(w http.ResponseWriter, _ *http.Request) { // httpErrorf writes an error message to the response writer. func httpErrorf(statusCode int, w http.ResponseWriter, format string, args ...any) { w.WriteHeader(statusCode) - fmt.Fprintf(w, format, args...) + fmt.Fprintf(w, format, args...) //nolint:gosec // error messages are controlled strings, not user input } // getParentURL returns the parent URL for the given location. diff --git a/internal/server/markdown.go b/internal/server/markdown.go index bea479a..db488c9 100644 --- a/internal/server/markdown.go +++ b/internal/server/markdown.go @@ -25,7 +25,7 @@ var allowedIndexFiles = []string{"README.md", "README.markdown", "readme.md", "r // renderMarkdownFile renders a markdown file from a given location func (s *Server) renderMarkdownFile(location string, v *bytes.Buffer) error { // Generate a full path then open the file - f, err := os.Open(location) + f, err := os.Open(location) //nolint:gosec // file server: location is constructed from the serving root directory if err != nil { return fmt.Errorf("unable to open markdown file %q: %w", location, err) }