depau/HackMD
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Update to handle request with invalid uri

Browse source
This commit is contained in:
Wu Cheng-Han 2016-12-03 14:37:24 +08:00
parent 5958654ea4
commit 778b6f32b3
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
app.js
View file

@ -172,6 +172,17 @@ passport.deserializeUser(function (id, done) {
}); });
}); });
// check uri is valid before going further
app.use(function(req, res, next) {
try {
decodeURIComponent(req.path);
} catch (err) {
logger.error(err);
return response.errorBadRequest(res);
}
next();
});
// redirect url with trailing slashes // redirect url with trailing slashes
app.use(function(req, res, next) { app.use(function(req, res, next) {
if ("GET" == req.method && req.path.substr(-1) == '/' && req.path.length > 1) { if ("GET" == req.method && req.path.substr(-1) == '/' && req.path.length > 1) {