Mitigated directory traversal in ServeHandler
This commit is contained in:
parent
9ba3bddc96
commit
8894a9a55f
|
|
@ -13,9 +13,9 @@ app = Hyde::Server.new do
|
||||||
postprocess do |request, response|
|
postprocess do |request, response|
|
||||||
puts "Request: #{request}, response: #{response}"
|
puts "Request: #{request}, response: #{response}"
|
||||||
end
|
end
|
||||||
index ["index"]
|
index ["index.html"]
|
||||||
root "#{ENV['PWD']}/assets"
|
root "#{ENV['PWD']}/assets"
|
||||||
serve "*.(html|css|js)"
|
serve "/**/*.(html|css|js)"
|
||||||
get "/wormhole/:test/*" do |suffix, test: nil|
|
get "/wormhole/:test/*" do |suffix, test: nil|
|
||||||
<<~RESPONSE
|
<<~RESPONSE
|
||||||
You tried accessing #{suffix} at named param #{test}
|
You tried accessing #{suffix} at named param #{test}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,13 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<html>
|
||||||
|
<head>
|
||||||
|
<title> Cleverly done, mr. freeman </title>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<h1>Cleverly done, mr. freeman</h1>
|
||||||
|
<hr/>
|
||||||
|
<p>But you are not supposed to be here</p>
|
||||||
|
<p><b>Get back where you belong.</b></p>
|
||||||
|
</body>
|
||||||
|
</html>
|
||||||
|
|
||||||
Loading…
Reference in New Issue