diff options
Diffstat (limited to 'lib/rack/directory.rb')
| -rw-r--r-- | lib/rack/directory.rb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/lib/rack/directory.rb b/lib/rack/directory.rb index 5baee3c8..e642975c 100644 --- a/lib/rack/directory.rb +++ b/lib/rack/directory.rb @@ -65,7 +65,9 @@ table { width:100%%; } script_name = env[SCRIPT_NAME] path_info = Utils.unescape_path(env[PATH_INFO]) - if forbidden = check_forbidden(path_info) + if bad_request = check_bad_request(path_info) + bad_request + elsif forbidden = check_forbidden(path_info) forbidden else path = ::File.join(@root, path_info) @@ -73,6 +75,16 @@ table { width:100%%; } end end + def check_bad_request(path_info) + return if Utils.valid_path?(path_info) + + body = "Bad Request\n" + size = body.bytesize + return [400, {CONTENT_TYPE => "text/plain", + CONTENT_LENGTH => size.to_s, + "X-Cascade" => "pass"}, [body]] + end + def check_forbidden(path_info) return unless path_info.include? ".." |