aboutsummaryrefslogtreecommitdiffstats
path: root/web/web.go
diff options
context:
space:
mode:
Diffstat (limited to 'web/web.go')
-rw-r--r--web/web.go4
1 files changed, 3 insertions, 1 deletions
diff --git a/web/web.go b/web/web.go
index 245f844..4f111a3 100644
--- a/web/web.go
+++ b/web/web.go
@@ -31,6 +31,8 @@ var gzPool = sync.Pool{
},
}
+const maxImageProxySize = 10 * 1024 * 1024 // 10 MB
+
var (
//go:embed static/*
staticFiles embed.FS
@@ -89,7 +91,7 @@ func imageProxyHandler(w http.ResponseWriter, r *http.Request) {
return
}
- bts, err := io.ReadAll(resp.Body)
+ bts, err := io.ReadAll(io.LimitReader(resp.Body, maxImageProxySize))
if err != nil {
http.Error(w, "failed to read proxy image", http.StatusNotFound)
return
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-27 12:28:20 +0000