I'm writting small website on Go, and i found some problems, that i dont know how to solve. So...
The basic idea is to have one single folder for themes, called /themes/
where we will put all our themes, f.e. classic
, modern
, etc.
The directory tree will looks like:
/themes/
classic/
index.html
header.html
footer.html
css/
style.css
js/
lib.js
modern/
index.html
header.html
footer.html
css/
style.css
js/
lib.js
So, my http handlers:
func main() {
reloadConfig()
http.HandleFunc("/", homeHandler)
http.HandleFunc("/reloadConfigHandler/", reloadConfigHandler)
// TODO: Theme loads html files also
http.Handle("/static/", http.StripPrefix("/static/", http.FileServer(http.Dir("themes/"+config.Theme+"/"))))
http.ListenAndServe(":80", nil)
}
The Problem
The problem is that my templates files can be opened from the outside, if i open path http://localhost/static/index.html
, so i need solution to:
- Deny
/static/
, show 404. - Deny
/static/*.html
, show 404. - Allow
/static/{folder_name}/{file_name}
so in future i can addimg
folder orfonts
folder, and content inside of them will be served by server to client.
Thanks in advice.