RanchiMall/fcoin
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

http: safer path parsing.

Browse Source
This commit is contained in:
Christopher Jeffrey 2017-07-06 12:38:15 -07:00
parent 1860064da0
commit b570769eed
No known key found for this signature in database
GPG Key ID: 8962AB9DE6666BBD
1 changed files with 9 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/http/base.js
View File

@ -1181,7 +1181,7 @@ function Request(req, res, url) {
this.headers = Object.create(null);
this.contentType = 'bin';
this.url = '/';
this.pathname = '';
this.pathname = '/';
this.path = [];
this.trailing = false;
this.query = Object.create(null);
@ -1221,8 +1221,13 @@ Request.prototype.init = function init(req, res, url) {
this.emit('end');
});
if (url != null)
this.parse(url);
if (url != null) {
try {
this.parse(url);
} catch (e) {
;
}
}
};
Request.prototype.parse = function parse(url) {
@ -1245,6 +1250,7 @@ Request.prototype.parse = function parse(url) {
}
}
pathname = pathname.replace(/%2f/gi, '');
pathname = unescape(pathname);
} else {
pathname = '/';