Skip to content
Permalink
Browse files Browse the repository at this point in the history
fix open redirect (#3)
* fix open redirect

* update node versions
  • Loading branch information
fardog committed May 9, 2021
1 parent 003b706 commit f8e66f1
Show file tree
Hide file tree
Showing 4 changed files with 1,683 additions and 3 deletions.
5 changes: 3 additions & 2 deletions .travis.yml
@@ -1,4 +1,5 @@
language: node_js
node_js:
- "4"
- "6"
- "10"
- "12"
- "14"
9 changes: 8 additions & 1 deletion index.js
Expand Up @@ -33,7 +33,14 @@ function createTrailing (_options, _next) {
}

res.statusCode = status
res.setHeader('Location', u.format(url))
res.setHeader('Location', escapeLeadingSlashes(u.format(url)))
res.end()
}
}

function escapeLeadingSlashes (url) {
if (url.slice(0, 2) === '//') {
return '/%2F' + url.slice(2)
}
return url
}

0 comments on commit f8e66f1

Please sign in to comment.