search

ponzu-cms / ponzu

Headless CMS with automatic JSON API. Featuring auto-HTTPS from Let's Encrypt, HTTP/2 Server Push, and flexible server framework written in Go.
https://docs.ponzu-cms.org
BSD 3-Clause "New" or "Revised" License
5.68k stars 387 forks source link

System/backup does not follow symlinks #288

Closed vkuznecovas closed 5 years ago

vkuznecovas commented 5 years ago

I'm running ponzu with a symlinked upload directory. When trying to fetch the upload backup through API, the following log line appears on the running ponzu:

read uploads: is a directory

The response still returns a 200 success, but with a malformed body that's missing the proper contents.

This is caused by system/backup ArchiveFS function. The ArchiveFS does NOT check for symlink in the provided basedir therefore ends up walking over itself and crashing. Since the error is not handled properly the message is logged and the 200 status is still reported.

nilslice commented 5 years ago

Hey -- thanks for reporting! I'll check out your PR #289 and run some tests, then check back with any findings or merge in. Thank you for the contribution!

vkuznecovas commented 5 years ago

@nilslice since you've merged the PR, I'm closing this. Thanks!