svrjs/redbrick
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity Actions

Prevent source code viewing by "CGI-BIN" instead of "cgi-bin" in Windows

Browse source
This commit is contained in:
Dorian Niemiec 2023-08-14 18:17:37 +02:00
parent b54464e922
commit 7d20f29c3b
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
index.js
View file

@ -286,7 +286,7 @@ Mod.prototype.callback = function (req, res, serverconsole, responseEnd, href, e
executeCGI("." + a, req, res, dh, nEnv); executeCGI("." + a, req, res, dh, nEnv);
} }
if (href.indexOf("/cgi-bin") == 0) { if (href.match(new RegExp("/cgi-bin(?:$|[?#/])", os.platform() == "win32" ? "i" : ""))) {
fs.stat("." + href, function (err, stats) { fs.stat("." + href, function (err, stats) {
if (!err) { if (!err) {
if (!stats.isFile()) { if (!stats.isFile()) {
@ -505,7 +505,7 @@ Mod.prototype.callback = function (req, res, serverconsole, responseEnd, href, e
} }
} }
}); });
} else if (href == "/redbrick-interpreters.json" && path.normalize(__dirname + "/../../..") == process.cwd()) { } else if ((href == "/redbrick-interpreters.json" || (os.platform() == "win32" && href.toLowerCase() == "/redbrick-interpreters.json")) && path.normalize(__dirname + "/../../..") == process.cwd()) {
if (!callServerError) { if (!callServerError) {
res.writeHead(200, "OK", { res.writeHead(200, "OK", {
"Content-Type": "application/json", "Content-Type": "application/json",