azures04/crafatar
1
0
Fork 0
mirror of https://github.com/azures04/crafatar.git synced 2026-03-21 23:41:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
crafatar/lib/routes
History
jomo bba004acc7 improve URL parsing 
uses `new URL()` and `decodeURI()` instead of `url.parse()`
also checks that the requested file is in a subdirectory of `public/` before serving the file

fixes path traversal vulnerability GHSA-5cxq-25mp-q5f2
2024-02-01 22:24:29 +01:00
..
avatars.js
improve URL parsing
2024-02-01 22:24:29 +01:00
capes.js
improve URL parsing
2024-02-01 22:24:29 +01:00
index.js
document undocumented functions
2020-03-29 20:13:24 +02:00
renders.js
improve URL parsing
2024-02-01 22:24:29 +01:00
skins.js
improve URL parsing
2024-02-01 22:24:29 +01:00