Don't serve statically-compiled `.gz` files that are symlinks

author: Nick Thomas <nick@gitlab.com> 2017-08-08 17:35:00 +0300
committer: Nick Thomas <nick@gitlab.com> 2017-08-08 18:50:54 +0300
commit: 7d4c5cb8faa21efd5e3c89e9f4e850a372c2a4fa (patch)
tree: fc933614b48ca24ca4a4036cc1d236368df64562 /domain.go
parent: 0173d4e6b6b17443155d121a9098d0e742b9c4e3 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/domain.go b/domain.go
index 45e59f94..358a71d8 100644
--- a/domain.go
+++ b/domain.go
@@ -41,8 +41,8 @@ func handleGZip(w http.ResponseWriter, r *http.Request, fullPath string) string
 
 	gzipPath := fullPath + ".gz"
 
-	_, err := os.Stat(gzipPath)
-	if err != nil {
+	// Ensure the .gz file is not a symlink
+	if fi, err := os.Lstat(gzipPath); err != nil || !fi.Mode().IsRegular() {
 		return fullPath
 	}
author	Nick Thomas <nick@gitlab.com>	2017-08-08 17:35:00 +0300
committer	Nick Thomas <nick@gitlab.com>	2017-08-08 18:50:54 +0300
commit	7d4c5cb8faa21efd5e3c89e9f4e850a372c2a4fa (patch)
tree	fc933614b48ca24ca4a4036cc1d236368df64562 /domain.go
parent	0173d4e6b6b17443155d121a9098d0e742b9c4e3 (diff)