From 0d92f678a7ae049eef32314d5c91bd11564ce530 Mon Sep 17 00:00:00 2001
From: Wim Looman <git@nemo157.com>
Date: Wed, 4 Nov 2020 21:01:26 +0100
Subject: [PATCH] Don't serve non-rustdoc resources from the shared resource
 handler

---
 src/web/rustdoc.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/web/rustdoc.rs b/src/web/rustdoc.rs
index 54da9e630..1c5b07ef5 100644
--- a/src/web/rustdoc.rs
+++ b/src/web/rustdoc.rs
@@ -635,6 +635,10 @@ pub struct SharedResourceHandler;
 impl Handler for SharedResourceHandler {
     fn handle(&self, req: &mut Request) -> IronResult<Response> {
         let path = req.url.path();
+        if path.len() > 1 {
+            // All rustdoc shared resources are hosted at the root
+            return Err(Nope::ResourceNotFound.into());
+        }
         let filename = path.last().unwrap(); // unwrap is fine: vector is non-empty
         let suffix = filename.split('.').last().unwrap(); // unwrap is fine: split always works
         if ["js", "css", "woff", "svg"].contains(&suffix) {