github_mirrors/puter
1
0
Fork 0
mirror of https://github.com/HeyPuter/puter.git synced 2025-01-23 06:00:21 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: reduce code paths for querystrings

Browse Source
This commit is contained in:
KernelDeimos 2025-01-20 10:34:25 -05:00
parent 4e578e9b28
commit e8f5450cb0
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/backend/src/modules/web/WebServerService.js
View File

@ -520,6 +520,22 @@ class WebServerService extends BaseService {
app.use(helmet.xssFilter());
// app.use(helmet.referrerPolicy());
app.disable('x-powered-by');
// remove object and array query parameters
app.use(function (req, res, next) {
for ( let k in req.query ) {
if ( req.query[k] === undefined || req.query[k] === null ) {
continue;
}
const allowed_types = ['string', 'number', 'boolean'];
if ( ! allowed_types.includes(typeof req.query[k]) ) {
req.query[k] = undefined;
}
}
console.log('\x1B[36;1m======= ok???', req.query);
next();
});
const uaParser = require('ua-parser-js');
app.use(function (req, res, next) {