安全设置中增加禁止搜索引擎、禁止爬虫、允许访问的域名等选项

2025-11-10 17:30:29 +08:00 · 2022-07-07 19:58:30 +08:00
parent dc08847a7d
commit 3605f71f70
5 changed files with 108 additions and 8 deletions
--- a/internal/web/helpers/user_should_auth.go
+++ b/internal/web/helpers/user_should_auth.go
@@ -22,7 +22,7 @@ func (this *UserShouldAuth) BeforeAction(actionPtr actions.ActionWrapper, paramN
 	this.action = actionPtr.Object()

 	// 安全相关
-	action := this.action
+	var action = this.action
 	securityConfig, _ := configloaders.LoadSecurityConfig()
 	if securityConfig == nil {
 		action.AddHeader("X-Frame-Options", "SAMEORIGIN")
@@ -42,6 +42,12 @@ func (this *UserShouldAuth) BeforeAction(actionPtr actions.ActionWrapper, paramN
 		return false
 	}

+	// 检查请求
+	if !checkRequestSecurity(securityConfig, action.Request) {
+		action.ResponseWriter.WriteHeader(http.StatusForbidden)
+		return false
+	}
+
 	return true
 }