Skip to content

Commit 5a4d9e8

Browse files
alexander-akaitalexander-akait
authored
fix: security problem (#1799)
1 parent 54e4a96 commit 5a4d9e8

File tree

1 file changed

+13
-12
lines changed

1 file changed

+13
-12
lines changed

src/middleware.js

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ function wrapper(context) {
8989

9090
resolve(next());
9191
},
92-
req
92+
req,
9393
);
9494
});
9595
}
@@ -99,7 +99,8 @@ function wrapper(context) {
9999
const extra = {};
100100
const filename = getFilenameFromUrl(
101101
context,
102-
/** @type {string} */ (req.url)
102+
/** @type {string} */ (req.url),
103+
extra,
103104
);
104105

105106
if (!filename) {
@@ -149,7 +150,7 @@ function wrapper(context) {
149150
*/
150151
(header) => {
151152
setHeaderForResponse(res, header.key, header.value);
152-
}
153+
},
153154
);
154155
}
155156

@@ -165,7 +166,7 @@ function wrapper(context) {
165166
setHeaderForResponse(
166167
res,
167168
"Content-Type",
168-
context.options.mimeTypeDefault
169+
context.options.mimeTypeDefault,
169170
);
170171
}
171172
}
@@ -213,7 +214,7 @@ function wrapper(context) {
213214
setHeaderForResponse(
214215
res,
215216
"Content-Range",
216-
getValueContentRangeHeader("bytes", size)
217+
getValueContentRangeHeader("bytes", size),
217218
);
218219
setHeaderForResponse(res, "Content-Type", "text/html; charset=utf-8");
219220

@@ -224,7 +225,7 @@ function wrapper(context) {
224225
setHeaderForResponse(
225226
res,
226227
"Content-Length",
227-
Buffer.byteLength(document)
228+
Buffer.byteLength(document),
228229
);
229230

230231
if (context.options.modifyResponseData) {
@@ -233,7 +234,7 @@ function wrapper(context) {
233234
req,
234235
res,
235236
document,
236-
byteLength
237+
byteLength,
237238
));
238239
}
239240

@@ -242,11 +243,11 @@ function wrapper(context) {
242243
return;
243244
} else if (parsedRanges === -2) {
244245
context.logger.error(
245-
"A malformed 'Range' header was provided. A regular response will be sent for this request."
246+
"A malformed 'Range' header was provided. A regular response will be sent for this request.",
246247
);
247248
} else if (parsedRanges.length > 1) {
248249
context.logger.error(
249-
"A 'Range' header with multiple ranges was provided. Multiple ranges are not supported, so a regular response will be sent for this request."
250+
"A 'Range' header with multiple ranges was provided. Multiple ranges are not supported, so a regular response will be sent for this request.",
250251
);
251252
}
252253

@@ -259,8 +260,8 @@ function wrapper(context) {
259260
getValueContentRangeHeader(
260261
"bytes",
261262
size,
262-
/** @type {import("range-parser").Ranges} */ (parsedRanges)[0]
263-
)
263+
/** @type {import("range-parser").Ranges} */ (parsedRanges)[0],
264+
),
264265
);
265266

266267
[{ start, end }] = parsedRanges;
@@ -304,7 +305,7 @@ function wrapper(context) {
304305
req,
305306
res,
306307
bufferOrStream,
307-
byteLength
308+
byteLength,
308309
));
309310
}
310311

0 commit comments

Comments
 (0)