DorianNiemiecSVRJS/svrjs
Archived
1
0
Fork 0
forked from svrjs/svrjs
Code Pull requests Activity

Replace var's with const's in the middleware that checks for forbidden paths.

Browse source
This commit is contained in:
Dorian Niemiec 2024-08-24 17:48:55 +02:00
parent 519988fbdb
commit 24b161b0ed
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
src/middleware/checkForbiddenPaths.js
View file

@ -3,16 +3,16 @@ const path = require("path");
// Function to get URL path for use in forbidden path adding. // Function to get URL path for use in forbidden path adding.
function getInitializePath(to) { function getInitializePath(to) {
var cwd = process.cwd(); const cwd = process.cwd();
if (os.platform() == "win32") { if (os.platform() == "win32") {
to = to.replace(/\//g, "\\"); to = to.replace(/\//g, "\\");
if (to[0] == "\\") to = cwd.split("\\")[0] + to; if (to[0] == "\\") to = cwd.split("\\")[0] + to;
} }
var absoluteTo = path.isAbsolute(to) const absoluteTo = path.isAbsolute(to)
? to ? to
: __dirname + (os.platform() == "win32" ? "\\" : "/") + to; : __dirname + (os.platform() == "win32" ? "\\" : "/") + to;
if (os.platform() == "win32" && cwd[0] != absoluteTo[0]) return ""; if (os.platform() == "win32" && cwd[0] != absoluteTo[0]) return "";
var relative = path.relative(cwd, absoluteTo); const relative = path.relative(cwd, absoluteTo);
if (os.platform() == "win32") { if (os.platform() == "win32") {
return "/" + relative.replace(/\\/g, "/"); return "/" + relative.replace(/\\/g, "/");
} else { } else {
@ -22,7 +22,7 @@ function getInitializePath(to) {
// Function to check if URL path name is a forbidden path. // Function to check if URL path name is a forbidden path.
function isForbiddenPath(decodedHref, match) { function isForbiddenPath(decodedHref, match) {
var forbiddenPath = forbiddenPaths[match]; const forbiddenPath = forbiddenPaths[match];
if (!forbiddenPath) return false; if (!forbiddenPath) return false;
if (typeof forbiddenPath === "string") { if (typeof forbiddenPath === "string") {
return ( return (
@ -45,7 +45,7 @@ function isForbiddenPath(decodedHref, match) {
// Function to check if URL path name is index of one of defined forbidden paths. // Function to check if URL path name is index of one of defined forbidden paths.
function isIndexOfForbiddenPath(decodedHref, match) { function isIndexOfForbiddenPath(decodedHref, match) {
var forbiddenPath = forbiddenPaths[match]; const forbiddenPath = forbiddenPaths[match];
if (!forbiddenPath) return false; if (!forbiddenPath) return false;
if (typeof forbiddenPath === "string") { if (typeof forbiddenPath === "string") {
return ( return (