check pad urls before serving it

pull/35/head
Peter 'Pita' Martischka 2011-06-30 12:40:31 +01:00
parent 7f17eb9903
commit 5c7d96b469
1 changed files with 25 additions and 2 deletions


@ -75,16 +75,30 @@ async.waterfall([
}); });
//serve pad.html under /p //serve pad.html under /p
app.get('/p/:pad', function(req, res) app.get('/p/:pad', function(req, res, next)
{ {
//ensure the padname is valid and the url doesn't end with a /
if(!isValidPadname(req.params.pad) || /\/$/.test(req.url))
{
next();
return;
}
res.header("Server", serverName); res.header("Server", serverName);
var filePath = path.normalize(__dirname + "/../static/pad.html"); var filePath = path.normalize(__dirname + "/../static/pad.html");
res.sendfile(filePath); res.sendfile(filePath);
}); });
//serve timeslider.html under /p/$padname/timeslider //serve timeslider.html under /p/$padname/timeslider
app.get('/p/:pad/timeslider', function(req, res) app.get('/p/:pad/timeslider', function(req, res, next)
{ {
//ensure the padname is valid and the url doesn't end with a /
if(!isValidPadname(req.params.pad) || /\/$/.test(req.url))
{
next();
return;
}
res.header("Server", serverName); res.header("Server", serverName);
var filePath = path.normalize(__dirname + "/../static/timeslider.html"); var filePath = path.normalize(__dirname + "/../static/timeslider.html");
res.sendfile(filePath); res.sendfile(filePath);
@ -132,3 +146,12 @@ async.waterfall([
callback(null); callback(null);
} }
]); ]);
function isValidPadname(padname)
{
//ensure there is no dollar sign in the pad name
if(padname.indexOf("$")!=-1)
return false;
return true;
}
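Review bot: The guard `if(!isValidPadname(req.params.pad) || /\/$/.test(req.url))` is copied verbatim into both the /p/:pad and /p/:pad/timeslider handlers in the first hunk, so the two routes will drift the next time the rule changes; one small helper that both handlers call keeps the check in a single place. isValidPadname in the second hunk says only that `$` is rejected, not why — that rationale belongs in its comment, e.g. `//"$" is reserved (presumably by the pad storage key format — confirm) and must never reach the handlers`, since this function now gates every pad URL. Note that `req.url` carries the query string, so the trailing-slash test also fires on a request like `/p/foo?ref=/`; if the rule is meant for the path only, test `req.url.split('?')[0]` instead. The enclosing async.waterfall callback starts before the first hunk.
```javascript
//true when a pad url may be served: the pad name is valid and the url
//doesn't end with a /; both pad routes fall through to next() otherwise
function isServablePadUrl(req)
{
  return isValidPadname(req.params.pad) && !/\/$/.test(req.url);
}

//in each of the two handlers, replacing the duplicated block:
//  if(!isServablePadUrl(req)) { next(); return; }
```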