From f86c7d69db33ff547647d52fd0dfcdc9c2b5ec4a Mon Sep 17 00:00:00 2001
From: eternal-flame-AD
Date: Sat, 23 Nov 2024 14:46:22 -0600
Subject: [PATCH] Reject unsafe file extensions

Signed-off-by: eternal-flame-AD
---
 src/lib.rs | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/lib.rs b/src/lib.rs
index 6274d0c..e27e25a 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -992,6 +992,18 @@ impl App::Response as HTTPResponse>::BodyStream: Unpin,
 {
+ if let Some(ext) = filename.split('.').last() {
+ if [
+ "exe", "com", "dll", "sys", "bat", "cmd", "sh", "bash", "zsh", "fish", "ps1",
+ "psm1", "elf", "so", "dylib", "dmg", "scr", "url", "app", "jar", "apk", "msi",
+ "deb", "rpm", "rpm", "pkg",
+ ]
+ .iter()
+ .any(|x| x.eq_ignore_ascii_case(ext))
+ {
+ return Err(ErrorResponse::unsafe_media());
+ }
+ }
 Self::proxy_impl(method, Some(&filename), State(state), Query(query), info).await
 }
 }
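Review bot: The extension check takes `filename.split('.').last()`, which returns the whole name when there is no dot and an empty string when the name ends in a dot, so an extensionless file called `app` or `sh` is rejected while a name whose listed extension is followed by a trailing dot is not matched. I would trim trailing dots and spaces first and only treat text after a real separator as the extension: `let name = filename.trim_end_matches(|c| c == '.' || c == ' ');` followed by `if let Some((_, ext)) = name.rsplit_once('.') {`. The array is a denylist, so any extension it does not name is still proxied; if this endpoint is meant to serve media only, an allowlist of expected media extensions would be the sturdier control, though whether that fits depends on code outside this hunk. `"rpm"` appears twice in the array, and the list would read better as a named `const` with a comment saying why these types are refused. The enclosing function begins before the hunk, so how `filename` is decoded or normalised before this point is not visible here.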