serve-static
Advanced tools
Comparing version 1.6.4 to 1.6.5
@@ -0,1 +1,7 @@ | ||
1.6.5 / 2015-02-04 | ||
================== | ||
* Fix potential open redirect when mounted at root | ||
- Back-ported from v1.7.2 | ||
1.6.4 / 2014-10-08 | ||
@@ -2,0 +8,0 @@ ================== |
21
index.js
@@ -82,6 +82,9 @@ /*! | ||
originalUrl.pathname += '/' | ||
// append trailing slash | ||
originalUrl.pathname = collapseLeadingSlashes(originalUrl.pathname + '/') | ||
// reformat the URL | ||
var target = url.format(originalUrl) | ||
// send redirect response | ||
res.statusCode = 303 | ||
@@ -120,1 +123,17 @@ res.setHeader('Content-Type', 'text/html; charset=utf-8') | ||
exports.mime = send.mime | ||
/** | ||
* Collapse all leading slashes into a single slash | ||
* @private | ||
*/ | ||
function collapseLeadingSlashes(str) { | ||
for (var i = 0; i < str.length; i++) { | ||
if (str[i] !== '/') { | ||
break | ||
} | ||
} | ||
return i > 1 | ||
? '/' + str.substr(i) | ||
: str | ||
} |
{ | ||
"name": "serve-static", | ||
"description": "Serve static files", | ||
"version": "1.6.4", | ||
"version": "1.6.5", | ||
"author": "Douglas Christopher Wilson <doug@somethingdoug.com>", | ||
@@ -6,0 +6,0 @@ "license": "MIT", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
13373
111