aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/server/HttpServer.hx14
-rw-r--r--src/server/Main.hx4
2 files changed, 15 insertions, 3 deletions
diff --git a/src/server/HttpServer.hx b/src/server/HttpServer.hx
index c4853ee..7f257a4 100644
--- a/src/server/HttpServer.hx
+++ b/src/server/HttpServer.hx
@@ -50,7 +50,7 @@ class HttpServer {
}
public static function serveFiles(req:IncomingMessage, res:ServerResponse):Void {
- var url = decodeURI(req.url);
+ var url = safeDecodeURI(req.url);
if (url == "/") url = "/index.html";
var filePath = dir + url;
final ext = Path.extension(filePath).toLowerCase();
@@ -183,7 +183,7 @@ class HttpServer {
fn:(req:IncomingMessage) -> Bool
):Null<ClientRequest> {
final url = try {
- new URL(decodeURI(url));
+ new URL(safeDecodeURI(url));
} catch (e) return null;
if (url.host == req.headers["host"]) return null;
final options = {
@@ -216,6 +216,16 @@ class HttpServer {
return contentType;
}
+ static final ctrlCharacters = ~/[\u0000-\u001F\u007F-\u009F\u2000-\u200D\uFEFF]/g;
+
+ static function safeDecodeURI(data:String):String {
+ try {
+ data = decodeURI(data);
+ } catch (err) {}
+ data = ctrlCharacters.replace(data, "");
+ return data;
+ }
+
static inline function decodeURI(data:String):String {
return js.Syntax.code("decodeURI({0})", data);
}
diff --git a/src/server/Main.hx b/src/server/Main.hx
index b038f01..49ac025 100644
--- a/src/server/Main.hx
+++ b/src/server/Main.hx
@@ -123,7 +123,7 @@ class Main {
});
wss = new WSServer({server: server});
wss.on("connection", onConnect);
- server.listen(port);
+ server.listen(port, onServerInited);
new Timer(25000).run = () -> {
for (client in clients) {
@@ -137,6 +137,8 @@ class Main {
};
}
+ dynamic function onServerInited():Void {};
+
public function exit():Void {
saveState();
logger.saveLog();
send patches to the email below
yukais@pinapelz.com
include the subject [PATCH repo_name]
pinapelz.com
homepage