There is a serious issue with obtaining the hash method with "?hash"
jincandev opened this issue · 1 comments
jincandev commented
Problem
If hash request parameters are used to obtain resource hashes, it will violate the principles of the HTTP protocol. When parsing resource collections such as m3u8, if the internal sub resources have already been configured with hash request parameters by default, the entire m3u8 resource cannot be fully parsed. For example, if there is a "data. ts?hash=xxxxxx" in the. m3u8 file.
it is recommended to use "xxx/file.exe:hash" to obtain the file hashes
Configuration
Log
Environment:
- Dufs version:
- Browser/Webdav info:
- OS info:
- Proxy server: e.g. nginx, cloudflare
sigoden commented
Any design requires a balance between convenience and safety. In the dufs service, avoiding the use of ?hash
should not be difficult.