Making valid() middleware a little more robust & removing the need …

…to validate the request method later in the middleware, major version bump to handle breaking behavior
avoidwork · Jul 9, 2017 · 1d8a7b7 · 1d8a7b7
1 parent 3ad5ed7
commit 1d8a7b7
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 10 deletions.
diff --git a/index.js b/index.js
@@ -8,17 +8,21 @@ const path = require("path"),
 	random = Math.floor(Math.random() * max) + 1;
 
 function valid (req, res, next) {
-	const pathname = req.parsed.pathname.replace(regex.root, ""),
-		invalid = (pathname.replace(regex.dir, "").split("/").filter(i => i !== ".")[0] || "") === "..",
-		outDir = !invalid ? (pathname.match(/\.{2}\//g) || []).length : 0,
-		inDir = !invalid ? (pathname.match(/\w+?(\.\w+|\/)+/g) || []).length : 0;
+	if (req.allow.indexOf(req.method) > -1) {
+		const pathname = req.parsed.pathname.replace(regex.root, ""),
+			invalid = (pathname.replace(regex.dir, "").split("/").filter(i => i !== ".")[0] || "") === "..",
+			outDir = !invalid ? (pathname.match(/\.{2}\//g) || []).length : 0,
+			inDir = !invalid ? (pathname.match(/\w+?(\.\w+|\/)+/g) || []).length : 0;
 
-	if (invalid) {
-		next(new Error(404));
-	} else if (outDir > 0 && outDir >= inDir) {
-		next(new Error(404));
+		if (invalid) {
+			next(new Error(404));
+		} else if (outDir > 0 && outDir >= inDir) {
+			next(new Error(404));
+		} else {
+			next();
+		}
 	} else {
-		next();
+		next(new Error(req.allow.length > 0 ? 405 : 404));
 	}
 }
 

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "woodland",
-  "version": "1.3.8",
+  "version": "2.0.0",
   "description": "Lightweight HTTP/HTTPS router with virtual hosts, and automatic `Allow` & `CORS` headers",
   "main": "index.js",
   "scripts": {