sneak/pixa
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Add 'Never' expiry option for encrypted URLs

Browse Source 
- Make ExpiresAt optional in CBOR (omitempty) for smaller tokens
- Treat ExpiresAt=0 as 'never expires' in parser
- URL-encode token with url.PathEscape() for safety
- Add 'Never' as default TTL option in generator form
This commit is contained in:
Jeffrey Paul
2026-01-08 11:08:11 -08:00
parent d9f4e2038e
commit 014c144d73
2 changed files with 23 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/encurl/encurl.go
View File

@@ -40,7 +40,7 @@ type Payload struct {
Format imgcache.ImageFormat `cbor:"f,omitempty"` // default: orig
Quality int `cbor:"ql,omitempty"` // default: 85
FitMode imgcache.FitMode `cbor:"fm,omitempty"` // default: cover
ExpiresAt int64 `cbor:"e"` // required, Unix timestamp
ExpiresAt int64 `cbor:"e,omitempty"` // 0 = never expires
}
// Generator creates and parses encrypted URL tokens.
@@ -90,8 +90,8 @@ func (g *Generator) Parse(token string) (*Payload, error) {
return nil, ErrInvalidFormat
}
// Check expiration
if time.Now().Unix() > p.ExpiresAt {
// Check expiration (0 = never expires)
if p.ExpiresAt != 0 && time.Now().Unix() > p.ExpiresAt {
return nil, ErrExpired
}