From 144860fd2f3bb2a08f9d411ea7d54651c32c341b Mon Sep 17 00:00:00 2001
From: xxq250 <xxq250@qq.com>
Date: Fri, 28 Feb 2025 21:47:14 +0800
Subject: [PATCH] raw referer

---
 app/controllers/repositories_controller.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb
index c9816ef48..0115dda99 100644
--- a/app/controllers/repositories_controller.rb
+++ b/app/controllers/repositories_controller.rb
@@ -298,7 +298,9 @@ class RepositoriesController < ApplicationController
     redirect_to file_path
   end
   
-  def raw 
+  def raw
+    Rails.logger.info("request.host===#{request.host},request.referer===#{request.referer}")
+    tip_exception(403, "你没有权限访问") if request.host.present? && !request.referer.to_s.include?(request.host.to_s.gsub("www.",""))
     domain  = GiteaService.gitea_config[:domain]
     api_url = GiteaService.gitea_config[:base_url]