Skip to content

Commit

Permalink
chore: prevent access to keys using the private scheme
Browse files Browse the repository at this point in the history
  • Loading branch information
@colorfield
colorfield committed Nov 1, 2023
1 parent 6e1fc32 commit b2ce3dc
Showing 1 changed file with 12 additions and 0 deletions.
12 changes: 12 additions & 0 deletions packages/drupal/custom/custom.module
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ use Drupal\media\Entity\Media;
use Drupal\silverback_gutenberg\LinkProcessor;
use Drupal\user\Entity\Role;
use Drupal\user\UserInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;

/**
* Implements hook_default_content_exported_fields_alter().
Expand Down Expand Up @@ -180,3 +181,14 @@ function _custom_key_auth_form_access(UserInterface $user): AccessResult {
$access->addCacheableDependency($user);
return $access;
}

/**
* Implements hook_file_download().
*
* Prevent any access to keys.
*/
function custom_file_download($uri) {
if (str_starts_with($uri, 'private://') && str_ends_with($uri, '.key')) {
throw new AccessDeniedHttpException();
}
}

0 comments on commit b2ce3dc

Please sign in to comment.