aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/mod_http_files.lua
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2016-03-03 16:06:16 +0100
committerKim Alvefur <zash@zash.se>2016-03-03 16:06:16 +0100
commitae606b2cdfedf41a2b6f8fd5e90fe5ddac3892e4 (patch)
tree6ff9f371d84546013bcbbb7ad355b0230c37b46b /plugins/mod_http_files.lua
parent0b702d28acf78831d94c75d4c239650ee1fe2c53 (diff)
parent3140ed3d626e976639ef5f38efb9790008834d9c (diff)
downloadprosody-ae606b2cdfedf41a2b6f8fd5e90fe5ddac3892e4.tar.gz
prosody-ae606b2cdfedf41a2b6f8fd5e90fe5ddac3892e4.zip
Merge 0.10->trunk
Diffstat (limited to 'plugins/mod_http_files.lua')
-rw-r--r--plugins/mod_http_files.lua11
1 files changed, 8 insertions, 3 deletions
diff --git a/plugins/mod_http_files.lua b/plugins/mod_http_files.lua
index 0c542714..3b602495 100644
--- a/plugins/mod_http_files.lua
+++ b/plugins/mod_http_files.lua
@@ -56,6 +56,7 @@ end
local urldecode = require "util.http".urldecode;
function sanitize_path(path)
+ if not path then return end
local out = {};
local c = 0;
@@ -74,6 +75,9 @@ function sanitize_path(path)
out[c] = component;
end
end
+ if path:sub(-1,-1) == "/" then
+ out[c+1] = "";
+ end
return "/"..table.concat(out, "/");
end
@@ -88,12 +92,13 @@ function serve(opts)
local directory_index = opts.directory_index;
local function serve_file(event, path)
local request, response = event.request, event.response;
- path = sanitize_path(path);
- if not path then
+ local sanitized_path = sanitize_path(path);
+ if path and not sanitized_path then
return 400;
end
+ path = sanitized_path;
local orig_path = sanitize_path(request.path);
- local full_path = base_path .. (path and "/"..path or ""):gsub("/", path_sep);
+ local full_path = base_path .. (path or ""):gsub("/", path_sep);
local attr = stat(full_path:match("^.*[^\\/]")); -- Strip trailing path separator because Windows
if not attr then
return 404;