Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix for GHSA-hcpx-66hq-7g4x. Cross-site reflection
  • Loading branch information
TekMonksGitHub committed Jul 31, 2021
1 parent c83fde7 commit 4601a9b
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions frontend/server/server.js
Expand Up @@ -131,12 +131,12 @@ function _sendFile(fileRequested, req, res, stats) {
if (conf.enableGZIPEncoding && acceptEncodingHeader.includes("gzip") && mime && (!Array.isArray(mime) || Array.isArray(mime) && mime[1]) ) {
res.writeHead(200, _getServerHeaders({ "Content-Type": Array.isArray(mime)?mime[0]:mime, "Content-Encoding": "gzip" }, stats));
rawStream.pipe(zlib.createGzip()).pipe(res)
.on("error", err => _sendError(req, res, 500, `500: ${req.url}, Server error: ${err}`))
.on("error", err => _sendError(req, res, 500, `500: Error: ${err}`))
.on("end", _ => res.end());
} else {
res.writeHead(200, mime ? _getServerHeaders({"Content-Type":Array.isArray(mime)?mime[0]:mime}, stats) : _getServerHeaders({}, stats));
rawStream.on("data", chunk => res.write(chunk, "binary"))
.on("error", err => _sendError(req, res, 500, `500: ${req.url}, Server error: ${err}`))
.on("error", err => _sendError(req, res, 500, `500: Error: ${err}`))
.on("end", _ => res.end());
}
}
Expand Down

0 comments on commit 4601a9b

Please sign in to comment.