mirror of
https://github.com/GravitLauncher/Launcher
synced 2024-12-23 00:51:01 +03:00
Fix paths. (#29)
This commit is contained in:
parent
895253012f
commit
71efde7cd2
1 changed files with 3 additions and 5 deletions
|
@ -90,7 +90,7 @@ public void channelRead0(ChannelHandlerContext ctx, FullHttpRequest request) thr
|
||||||
} else {
|
} else {
|
||||||
sendRedirect(ctx, uri + '/');
|
sendRedirect(ctx, uri + '/');
|
||||||
}
|
}
|
||||||
} else sendError(ctx, FORBIDDEN);
|
} else sendError(ctx, NOT_FOUND); // can not handle dirs
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -197,7 +197,7 @@ private static String sanitizeUri(String uri) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Convert file separators.
|
// Convert file separators.
|
||||||
uri = uri.replace('/', File.separatorChar);
|
uri = uri.replace(File.separatorChar, '/');
|
||||||
|
|
||||||
// Simplistic dumb security check.
|
// Simplistic dumb security check.
|
||||||
// You will have to do something serious in the production environment.
|
// You will have to do something serious in the production environment.
|
||||||
|
@ -207,9 +207,7 @@ private static String sanitizeUri(String uri) {
|
||||||
INSECURE_URI.matcher(uri).matches()) {
|
INSECURE_URI.matcher(uri).matches()) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
return uri.substring(1);
|
||||||
// Convert to absolute path.
|
|
||||||
return SystemPropertyUtil.get("user.dir") + File.separator + uri;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static final Pattern ALLOWED_FILE_NAME = Pattern.compile("[^-\\._]?[^<>&\\\"]*");
|
private static final Pattern ALLOWED_FILE_NAME = Pattern.compile("[^-\\._]?[^<>&\\\"]*");
|
||||||
|
|
Loading…
Reference in a new issue