DorianNiemiecSVRJS/svrjs
Archived
1
0
Fork 0
forked from svrjs/svrjs
Code Pull requests Activity

Optimize function related to forbidden path checking and hostname matching

Browse source
This commit is contained in:
Dorian Niemiec 2024-08-28 11:29:54 +02:00
parent 32d29be09f
commit 0318047078
2 changed files with 32 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

61
src/utils/forbiddenPaths.js
View file

@ -22,57 +22,50 @@ function getInitializePath(to) {
}
}
// Function to check if URL path name is a forbidden path.
function isForbiddenPath(decodedHref, match) {
const forbiddenPath = forbiddenPaths[match];
if (!forbiddenPath) return false;
const isWin32 = os.platform() === "win32";
const decodedHrefLower = isWin32 ? decodedHref.toLowerCase() : null;
if (typeof forbiddenPath === "string") {
return (
decodedHref === forbiddenPath ||
(os.platform() === "win32" &&
decodedHref.toLowerCase() === forbiddenPath.toLowerCase())
);
return isWin32
? decodedHrefLower === forbiddenPath.toLowerCase()
: decodedHref === forbiddenPath;
}
if (typeof forbiddenPath === "object") {
return forbiddenPath.some((forbiddenPathSingle) => {
return (
decodedHref === forbiddenPathSingle ||
(os.platform() === "win32" &&
decodedHref.toLowerCase() === forbiddenPathSingle.toLowerCase())
);
});
return isWin32
? forbiddenPath.some((path) => decodedHrefLower === path.toLowerCase())
: forbiddenPath.includes(decodedHref);
}
return false;
}
// Function to check if URL path name is index of one of defined forbidden paths.
function isIndexOfForbiddenPath(decodedHref, match) {
const forbiddenPath = forbiddenPaths[match];
if (!forbiddenPath) return false;
const isWin32 = os.platform() === "win32";
const decodedHrefLower = isWin32 ? decodedHref.toLowerCase() : null;
if (typeof forbiddenPath === "string") {
return (
decodedHref === forbiddenPath ||
decodedHref.indexOf(forbiddenPath + "/") === 0 ||
(os.platform() === "win32" &&
(decodedHref.toLowerCase() === forbiddenPath.toLowerCase() ||
decodedHref
.toLowerCase()
.indexOf(forbiddenPath.toLowerCase() + "/") === 0))
);
const forbiddenPathLower = isWin32 ? forbiddenPath.toLowerCase() : null;
return isWin32
? decodedHrefLower.indexOf(forbiddenPathLower) == 0
: decodedHref.indexOf(forbiddenPath) == 0;
}
if (typeof forbiddenPath === "object") {
return forbiddenPath.some((forbiddenPathSingle) => {
return (
decodedHref === forbiddenPathSingle ||
decodedHref.indexOf(forbiddenPathSingle + "/") === 0 ||
(os.platform() === "win32" &&
(decodedHref.toLowerCase() === forbiddenPathSingle.toLowerCase() ||
decodedHref
.toLowerCase()
.indexOf(forbiddenPathSingle.toLowerCase() + "/") === 0))
);
});
return isWin32
? forbiddenPath.some(
(path) => decodedHrefLower.indexOf(path.toLowerCase()) == 0,
)
: forbiddenPath.some((path) => decodedHref.indexOf(path) == 0);
}
return false;
}

10
src/utils/matchHostname.js
View file

@ -1,17 +1,17 @@
function matchHostname(hostname, reqHostname) {
if (typeof hostname == "undefined" || hostname == "*") {
if (typeof hostname === "undefined" || hostname === "*") {
return true;
} else if (reqHostname && hostname.indexOf("*.") == 0 && hostname != "*.") {
} else if (reqHostname && hostname.indexOf("*.") == 0 && hostname !== "*.") {
const hostnamesRoot = hostname.substring(2);
if (
reqHostname == hostnamesRoot ||
reqHostname === hostnamesRoot ||
(reqHostname.length > hostnamesRoot.length &&
reqHostname.indexOf("." + hostnamesRoot) ==
reqHostname.indexOf("." + hostnamesRoot) ===
reqHostname.length - hostnamesRoot.length - 1)
) {
return true;
}
} else if (reqHostname && reqHostname == hostname) {
} else if (reqHostname && reqHostname === hostname) {
return true;
}
return false;