mirror
/
c9-core
kopia lustrzana https://github.com/c9/core
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Add warning 

For seriously don't silently eat my urls kthxbye
pull/313/head
Lennart Kats 2016-06-02 10:50:21 +00:00
rodzic edbd8fc19d
commit b3a10c72c2
2 zmienionych plików z 4 dodań i 1 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

4
node_modules/connect-architect/connect.redirect/redirect.js wygenerowano vendored
Wyświetl plik

@ -16,8 +16,10 @@ module.exports = function(options, imports, register) {
imports.connect.addResponseMethod("secureRedirect", function(location) { imports.connect.addResponseMethod("secureRedirect", function(location) {
var parsedLocation = url.parse(location, false, true); var parsedLocation = url.parse(location, false, true);
if (!trustedDomainsRe.test(parsedLocation.host)) if (!trustedDomainsRe.test(parsedLocation.host)) {
console.log("Avoiding untrusted redirect to", parsedLocation.host)
location = parsedLocation.path || "/"; location = parsedLocation.path || "/";
}
this.redirect(location); this.redirect(location);
}); });

1
package.json
Wyświetl plik

@ -59,6 +59,7 @@
], ],
"c9plugins": { "c9plugins": {
"c9.ide.language": "#79bcb2fe06", "c9.ide.language": "#79bcb2fe06",
"c9.ide.language.core": "#undefined",
"c9.ide.language.css": "#be07d72209", "c9.ide.language.css": "#be07d72209",
"c9.ide.language.generic": "#3949510863", "c9.ide.language.generic": "#3949510863",
"c9.ide.language.html": "#22fdc74869", "c9.ide.language.html": "#22fdc74869",