From 77f5b51126a22aac0f44f19a85ad47fa0b841361 Mon Sep 17 00:00:00 2001
From: Yonle <yonle@lecturify.net>
Date: Fri, 14 Jul 2023 11:59:31 +0700
Subject: [PATCH] html.c: Don't let public get into timeline.html_

Signed-off-by: Yonle <yonle@lecturify.net>
---
 html.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/html.c b/html.c
index 5598a4f..ef1374c 100644
--- a/html.c
+++ b/html.c
@@ -1843,7 +1843,11 @@ int html_get_handler(const xs_dict *req, const char *q_path,
         xs *l    = xs_split(p_path, "/");
         char *id = xs_list_get(l, 1);
 
-        if ((*body = history_get(&snac, id)) != NULL) {
+        if (xs_endswith(id, "timeline.html_")) {
+            // Don't let them in.
+            *b_size = 0;
+            status = 404;
+        } else if ((*body = history_get(&snac, id)) != NULL) {
             *b_size = strlen(*body);
             status  = 200;
         }