From 4996fa50a2290c43adb608016c7dc30fc7f720bb Mon Sep 17 00:00:00 2001
From: Stephen McQuay <stephen@mcquay.me>
Date: Mon, 21 Oct 2013 19:44:52 -0700
Subject: [PATCH] 401 on hidden files/dirs

---
 main.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/main.go b/main.go
index f5f3680..5770749 100644
--- a/main.go
+++ b/main.go
@@ -6,13 +6,19 @@ import (
 	"log"
 	"net/http"
 	"os"
+	"strings"
 )
 
 var port = flag.Int("port", 8000, "port from which to serve")
+var hidden = flag.Bool("hidden", false, "allow serving hidden dirs")
 
 func logger(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		log.Printf("%s: %s\n", r.RemoteAddr, r.URL)
+		if !*hidden && strings.Contains(r.URL.Path, "/.") {
+			http.Error(w, "hidden files and directories are not allowed", http.StatusUnauthorized)
+			return
+		}
 		h.ServeHTTP(w, r)
 	})
 }