mirror of
https://github.com/github/codeql.git
synced 2026-03-28 02:08:17 +01:00
18 lines
522 B
JavaScript
18 lines
522 B
JavaScript
var fs = require('fs'),
|
|
http = require('http'),
|
|
url = require('url'),
|
|
sanitize = require('sanitize-filename'),
|
|
pathModule = require('path')
|
|
;
|
|
|
|
var server = http.createServer(function(req, res) {
|
|
let path = url.parse(req.url, true).query.path;
|
|
res.write(fs.readFileSync(['public', path].join('/'))); // BAD: taint is preserved
|
|
|
|
let parts = ['public', path];
|
|
parts = parts.map(x => x.toLowerCase());
|
|
res.write(fs.readFileSync(parts.join('/'))); // BAD: taint is preserved
|
|
});
|
|
|
|
server.listen();
|