Fix path traversal

tnantoka · Feb 15, 2018 · eae8ad8 · eae8ad8
1 parent c5c1410
commit eae8ad8
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/bin/public b/bin/public
@@ -67,6 +67,7 @@ switch (args[0]) {
       }
     }
 }
+var root = path.resolve(dir);
 
 if (path) {
   http.createServer(function(req, res) {
@@ -75,6 +76,13 @@ if (path) {
     var base = filePath.replace(dir, ''); // Base path for browser link
     var abs = path.resolve(filePath); 
     console.log(new Date().toString(), abs);
+
+    if (abs.indexOf(root) !== 0) {
+      res.writeHead(403, { 'Content-Type': 'text/plain' });
+      res.end('Forbidden\n');
+      return;
+    }
+
     fs.readFile(filePath, function(err, data) {
       if (err) {
         res.writeHead(200, { 'Content-Type': 'text/html' });