Permalink
Browse files

Use safer URIs

  • Loading branch information...
1 parent 4545e7b commit e1d9f3796db4de55b9c334a2de6da0699a99ca2e @kriszyp committed Jan 4, 2011
Showing with 2 additions and 2 deletions.
  1. +2 −2 lib/jsgi/archive.js
View
@@ -8,7 +8,7 @@ module.exports = function(request){
return when(staticApp(request), function(response){
if(request.pathInfo.substring(0,10) == "/archives/"){
if(response.status == 404){
- return when(cacheArchive(decodeURIComponent(request.pathInfo.substring(10))), function(){
+ return when(cacheArchive(decodeURIComponent(request.pathInfo.substring(10).replace(/$/g,'%'))), function(){
return when(staticApp(request), function(response){
console.log("setting content type");
if(request.pathInfo.match(/zipball/)){
@@ -38,7 +38,7 @@ module.exports = function(request){
};
var maxSize = 10000000;
function cacheArchive(url){
- var cachedUrl = "/archives/" + encodeURIComponent(url);
+ var cachedUrl = "/archives/" + encodeURIComponent(url).replace(/%/g,'$');
// download the archive into our local mirror
try{
var exists = fs.statSync("public/" + cachedUrl).mtime.getTime();

0 comments on commit e1d9f37

Please sign in to comment.