href is invalid when there is query string in url #85
Comments
This was referenced Oct 10, 2013
jfhbrook
pushed a commit
that referenced
this issue
Oct 21, 2013
url validation should be done in `ecstatic.js` (#85) Fix redirect location (use `parsed.pathname` instead of urldecoded `pathname`) (#86) Fix encoding of href genereated in `writeRow()`, no longer need `decodeURI()` (hence error check) here (#86) Query string is appended to href (if applicable) (#85) Use html5 doctype and utf-8 encoding (#84) Use `<table>` to in `render()` (so we can add more columns later on) Add '/' to dir entries (both link and display name) Add some comments Fixed some linter warnings Fixed test case for 'subdir_with space' (#86) Added test case for non-ascii url (#86) On branch issue84-85-86 Changes to be committed: modified: lib/ecstatic.js modified: lib/ecstatic/showdir.js modified: test/core.js new file: test/public/subdir_with space/file_with space.html new file: "test/public/\344\270\255\346\226\207/\346\252\224\346\241\210.html"
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Start ecstatic with
--showDir, open this url:The href's got
?key=valuewithin, which is invalid.Changing this in
showdir.js:writeRow()will ignore the query string:But the test 'malformed showdir uri' will then fail, I think this test is incorrect in putting the malformed string in the query.
The test failed incidentally in the first place because of this issue.
We already protect against invalid
pathnameinecstatic.js:middleware(). We could check the query part by passingreq.urlthere.I would suggest checking
req.urlinecstatic.js:middleware(), and test malformed string in both query and pathname inmalformed-dir.js.The text was updated successfully, but these errors were encountered: