Sha256: 38e86ebb49af79e8a3853e3b756041966356e78656efbb00b952257c0e24ee01
Contents?: true
Size: 1.05 KB
Versions: 1
Compression:
Stored size: 1.05 KB
Contents
```ruby
module AdminData
  class PublicController < ApplicationController

    def serve
      # validate filename with a white list
      unless self.class.admin_data_assets.include? params[:file]
        render :nothing => true, :status => 404 and return
      end

      opts = {:text => File.read(File.join(AdminData.public_dir,params[:file])), :cache => true}

      # only known asset types are served; anything else is a 404
      case params[:file]
      when /\.css$/i then opts[:content_type] = "text/css"
      when /\.js$/i  then opts[:content_type] = "text/javascript"
      when /\.png$/i then opts[:content_type] = "image/png"
      else
        render :nothing => true, :status => 404 and return
      end

      render opts
    end

    protected

    # Cached list of all assets provided by admin_data
    # It is used to ensure security in the serve method
    def self.admin_data_assets
      @admin_data_assets ||= (
        # keep regular files only: the glob also returns directories,
        # and File.read on a directory would raise in serve
        Dir.glob(File.join(AdminData.public_dir,'**','*')).select { |path| File.file?(path) }.map do |path|
          # we want only relative paths
          path.split(AdminData.public_dir,2).last
        end
      )
    end

  end
end
```
Version data entries
1 entries across 1 versions & 1 rubygems
Version | Path |
---|---|
admin_data-1.1.0 | app/controllers/admin_data/public_controller.rb |