Home Explore
Sign In
alaah
/
pantofel
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

default request handler path security patch

rekjn 5 years ago
parent
83a8be1530
commit
de793b6383
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      index.js

+ 1 - 1
index.js
View File 

@@ -100,7 +100,7 @@ function getMimeType ( filepath )
 
 function createDefaultResponse ( request, response, requestData )
 
 {
 
 	let fullPath = './frontend' + requestData.path;
 
-	fullPath.replace ( /\.\./g, '' );
 
+	fullPath = fullPath.replace( /\.\.\//g, '' );
 
 	
 	if ( fs.existsSync ( fullPath ) && fs.lstatSync ( fullPath ).isDirectory ( ) )
 
 		fullPath = fullPath + 'index.html';