1
0
Fork 0
forked from svrjs/svrjs

Update to SVR.JS 3.9.2

This commit is contained in:
Dorian Niemiec 2023-09-06 20:23:53 +02:00
parent 10ee128136
commit 9406ffda5f
4 changed files with 23 additions and 12 deletions

View file

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>SVR.JS 3.9.1</title> <title>SVR.JS 3.9.2</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<style> <style>
@ -12,7 +12,7 @@
</style> </style>
</head> </head>
<body> <body>
<h1>Welcome to SVR.JS 3.9.1</h1> <h1>Welcome to SVR.JS 3.9.2</h1>
<br/> <br/>
<img src="/logo.png" style="width: 256px;" /> <img src="/logo.png" style="width: 256px;" />
<br/> <br/>
@ -117,7 +117,7 @@
</div> </div>
<p>Changes:</p> <p>Changes:</p>
<ul> <ul>
<li>Added new config.json property - exposeModsInErrorPages</li> <li>Mitigated security vulnerability: SVR.JS mods and server-side JavaScript using req.url are no longer vulnerable to path traversal (not including query strings).</li>
</ul> </ul>
<p>Bugs:</p> <p>Bugs:</p>
<ul> <ul>

View file

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>SVR.JS 3.9.1 Licenses</title> <title>SVR.JS 3.9.2 Licenses</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<style> <style>
@ -12,8 +12,8 @@
</style> </style>
</head> </head>
<body> <body>
<h1>SVR.JS 3.9.1 Licenses</h1> <h1>SVR.JS 3.9.2 Licenses</h1>
<h2>SVR.JS 3.9.1</h2> <h2>SVR.JS 3.9.2</h2>
<div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;"> <div style="display: inline-block; text-align: left; border-width: 2px; border-style: solid; border-color: gray; padding: 8px;">
MIT License<br/> MIT License<br/>
<br/> <br/>
@ -37,7 +37,7 @@
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/> OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE<br/>
SOFTWARE.<br/> SOFTWARE.<br/>
</div> </div>
<h2>Packages used by SVR.JS 3.9.1 and utilities</h2> <h2>Packages used by SVR.JS 3.9.2 and utilities</h2>
<div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;"> <div style="width: 100%; background-color: #ccc; border: 1px solid green; text-align: left; margin: 10px 0;">
<div style="float: right;">License: MIT</div> <div style="float: right;">License: MIT</div>
<div style="font-size: 20px;"> <div style="font-size: 20px;">

17
svr.js
View file

@ -81,7 +81,7 @@ function deleteFolderRecursive(path) {
} }
var os = require("os"); var os = require("os");
var version = "3.9.1"; var version = "3.9.2";
var singlethreaded = false; var singlethreaded = false;
if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions if (process.versions) process.versions.svrjs = version; // Inject SVR.JS into process.versions
@ -4043,7 +4043,8 @@ if (!cluster.isPrimary) {
// Sanitize URL // Sanitize URL
var sanitizedHref = sanitizeURL(href); var sanitizedHref = sanitizeURL(href);
var preparedReqUrl = uobject.pathname + (uobject.search ? uobject.search : "") + (uobject.hash ? uobject.hash : "");
// Check if URL is "dirty" // Check if URL is "dirty"
if (href != sanitizedHref && !isProxy) { if (href != sanitizedHref && !isProxy) {
var sanitizedURL = uobject; var sanitizedURL = uobject;
@ -4076,6 +4077,14 @@ if (!cluster.isPrimary) {
redirect(sanitizedURL, false); redirect(sanitizedURL, false);
return; return;
} }
} else if(req.url != preparedReqUrl && !isProxy) {
serverconsole.resmessage("URL sanitized: " + req.url + " => " + preparedReqUrl);
if(rewriteDirtyURLs) {
req.url = preparedReqUrl;
} else {
redirect(preparedReqUrl, false);
return;
}
} }
// Handle redirects to HTTPS // Handle redirects to HTTPS
@ -4206,7 +4215,9 @@ if (!cluster.isPrimary) {
} }
var sHref = sanitizeURL(href); var sHref = sanitizeURL(href);
if (sHref != href.replace(/\/\.(?=\/|$)/g, "/").replace(/\/+/g, "/")) { var preparedReqUrl2 = uobject.pathname + (uobject.search ? uobject.search : "") + (uobject.hash ? uobject.hash : "");
if (req.url != preparedReqUrl2 || sHref != href.replace(/\/\.(?=\/|$)/g, "/").replace(/\/+/g, "/")) {
callServerError(403); callServerError(403);
serverconsole.errmessage("Content blocked."); serverconsole.errmessage("Content blocked.");
return; return;

View file

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>SVR.JS 3.9.1 Tests</title> <title>SVR.JS 3.9.2 Tests</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta charset="UTF-8" /> <meta charset="UTF-8" />
<style> <style>
@ -12,7 +12,7 @@
</style> </style>
</head> </head>
<body> <body>
<h1>SVR.JS 3.9.1 Tests</h1> <h1>SVR.JS 3.9.2 Tests</h1>
<h2>Directory</h2> <h2>Directory</h2>
<iframe src="/testdir" width="50%" height="300px"></iframe> <iframe src="/testdir" width="50%" height="300px"></iframe>
<h2>Directory (with query)</h2> <h2>Directory (with query)</h2>