rushlink/assets/templates/html/pasteMeta.html.tmpl

36 lines
1.3 KiB
Cheetah
Raw Normal View History

2019-09-15 22:54:07 +02:00
{{define "title"}}
2019-12-16 05:49:17 +01:00
'{{.Paste.Key}}{{.FileExt}}' metadata - rushlink
{{end}}
{{define "body"}}
<pre>
<a href="{{.Host}}/{{.Paste.Key}}{{.FileExt}}">{{.Host}}/{{.Paste.Key}}{{.FileExt}}</a>
---
{{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}}
with delete token: <a href="{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}">{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}</a>
{{else -}}
with delete token: &lt;unknown&gt;
{{end -}}
type: {{.Paste.Type}}
state: {{.Paste.State}}
{{if .Paste.TimeCreated.IsZero -}}
created: unknown
{{else -}}
created: {{.Paste.TimeCreated}}
{{end -}}
delete token: {{.CanDelete.String}}
{{if and (ne .Paste.State.String "deleted") .CanDelete.Bool}}
```
# To delete this {{.Paste.Type}}, execute:
{{- /*
We have the option here to take the deleteToken from the user request or
from .Paste. Both are equivalent as long as .CanDelete is correct. We
use the .Request value, because leaking the deleteToken would be a more
dramatic vulnerability.
*/}}
curl --request "DELETE" "<a href="{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}">{{.Host}}/{{.Paste.Key}}{{.FileExt}}?deleteToken={{.Request.URL.Query.Get "deleteToken"}}"</a>
```
</pre>
{{end}}
2019-09-15 22:54:07 +02:00
{{end}}