rei-mirrors/dockview
1
0
Fork 0
mirror of https://github.com/mathuo/dockview synced 2025-02-12 19:35:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

Block malicious looking requests to prevent path traversal attacks.

Browse Source
This commit is contained in:
Jafar Akhondali 2024-11-07 17:23:01 +01:00
parent 1a9ee8c34e
commit fe39c475a2
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
packages/docs/web-server/index.mjs
View File

@ -35,5 +35,10 @@ function write(res, file) {
http.createServer((req, res) => { http.createServer((req, res) => {
const route = req.url.split('/').slice(1); const route = req.url.split('/').slice(1);
if (route.includes('..')) {
res.writeHead(403);
res.end('');
return;
}
write(res, route); write(res, route);
}).listen(PORT, HOST); }).listen(PORT, HOST);