Skip to content

Conversation

@kolbma
Copy link

@kolbma kolbma commented May 26, 2022

Pre-Submission Checklist

  • Opened an issue discussing these changes before opening the PR
  • Ran the linter and tests via make prepush
  • Included comprehensive and convincing tests for changes

Issues

Closes:

Well the most important is the directory traversal from #1910.
And because of there are the other related problems in the serveStatic plugin,
I've combined the stuff.

Changes

There should be no dependency on the dirname for specific path.
Introduced BadRequestErrors for problems on bad paths like urlencoded null bytes.
Added tests to check for traversals.
Reworked existing tests for making more sense.
Remove 2 doubled tests.
lints and style of bodyReader.test fixed to get prepush to run

kolbma and others added 8 commits May 25, 2022 18:57
The 2 tests are already available at line 230.
Fixes restify#1910
Added tests to check for traversals.
Reworked existing tests for making more sense.
Fixes restify#1864
and propable some other BadRequest types.
Fixes restify#1604
There should be no dependency on the dirname for specific path.
This is also to be handled for Gzip content.
Fixes restify#1864
@kolbma kolbma changed the title Plugins serve static fixes Plugins serveStatic fixes May 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant