Compare commits

...

3 commits

3 changed files with 7 additions and 2 deletions

2
Cargo.lock generated
View file

@ -10,7 +10,7 @@ checksum = "17cbf58e19f2bda088d8c4c95a46b41895375e15a2d63dd686a4273f8c43d46b"
[[package]] [[package]]
name = "herb" name = "herb"
version = "0.8.1" version = "0.8.2-develop"
dependencies = [ dependencies = [
"frostwalker", "frostwalker",
"packeteer", "packeteer",

View file

@ -1,6 +1,6 @@
[package] [package]
name = "herb" name = "herb"
version = "0.8.1" version = "0.8.2-develop"
edition = "2018" edition = "2018"
[dependencies] [dependencies]

View file

@ -335,6 +335,11 @@ fn process_request(request: Vec<u8>, settings: Settings) -> Resource {
println!("Stream sent GET request."); println!("Stream sent GET request.");
} }
if request.location.segments.len() != 0 { if request.location.segments.len() != 0 {
if request.location.segments[0] == ".." || request.location.segments[0] == "." {
let resource = Resource { contents: "<!DOCTYPE HTML><html><body><h1>400 Bad Request</h1><p>The request you sent appears to be malformed.</p></body></html>".to_string().into_bytes(), status_code: 400, mime: "text/html".to_string(), iscgi: false };
return resource;
}
let segclone = request.location.segments.clone(); let segclone = request.location.segments.clone();
path = unwrap_url_into_segments(request.location); path = unwrap_url_into_segments(request.location);
if path.contains(".cgi/") { if path.contains(".cgi/") {