Permalink
Browse files

Use safer URIs

  • Loading branch information...
1 parent 4545e7b commit 1a7fa3df6f84d4e3c130dceb14335f039013184c @kriszyp committed Jan 4, 2011
Showing with 3 additions and 3 deletions.
  1. +2 −2 lib/jsgi/archive.js
  2. +1 −1 lib/model/package.js
View
@@ -8,7 +8,7 @@ module.exports = function(request){
return when(staticApp(request), function(response){
if(request.pathInfo.substring(0,10) == "/archives/"){
if(response.status == 404){
- return when(cacheArchive(decodeURIComponent(request.pathInfo.substring(10))), function(){
+ return when(cacheArchive(decodeURIComponent(request.pathInfo.substring(10).replace(/$/g,'%'))), function(){
return when(staticApp(request), function(response){
console.log("setting content type");
if(request.pathInfo.match(/zipball/)){
@@ -38,7 +38,7 @@ module.exports = function(request){
};
var maxSize = 10000000;
function cacheArchive(url){
- var cachedUrl = "/archives/" + encodeURIComponent(url);
+ var cachedUrl = "/archives/" + encodeURIComponent(url).replace(/%/g,'$');
// download the archive into our local mirror
try{
var exists = fs.statSync("public/" + cachedUrl).mtime.getTime();
View
@@ -260,7 +260,7 @@ var maxSize = 10000000;
exports.cacheArchive = cacheArchive;
function cacheArchive(url){
// download the archive into our local mirror
- return "/archives/" + encodeURIComponent(url);
+ return "/archives/" + encodeURIComponent(url).replace(/%/g,'$');
}
function request(args, tries){

0 comments on commit 1a7fa3d

Please sign in to comment.