zero width only converted if characters detected
This commit is contained in:
parent
d2857a21dd
commit
5c7ce1f0ed
|
@ -80,7 +80,7 @@ Server: # Configure the way the HTTP server behaves.
|
|||
# How many TOTAL requests the server can handle at once.
|
||||
# Requests will not be served to ANYONE if the # of simultaneous connections is above this number.
|
||||
# It is recommended you keep this value around 512 to avoid issues with high-traffic situations.
|
||||
Concurrency: 512
|
||||
Concurrency:
|
||||
|
||||
Redis: # Configure the Redis connection. The values in this section are self-explanatory.
|
||||
URI:
|
||||
|
@ -88,8 +88,4 @@ Redis: # Configure the Redis connection. The values in this section are self-exp
|
|||
DB: 0
|
||||
|
||||
# A boolean. Set this value to true if you want to have /stats show more data, including memory usage.
|
||||
MoreStats:
|
||||
|
||||
# A boolean. Set this value to true if zero width URLs will always be used, regardless of whether the user sets
|
||||
# the zerowidth parameter in the request URL to 0 or not.
|
||||
ForceZeroWidth:
|
||||
MoreStats:
|
|
@ -13,5 +13,5 @@ var RedisClient *redis.Client
|
|||
|
||||
const (
|
||||
// Version is the current version of the server.
|
||||
Version = "1.3.1"
|
||||
Version = "1.3.2"
|
||||
)
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"github.com/vysiondev/tytanium/security"
|
||||
"github.com/vysiondev/tytanium/utils"
|
||||
"io"
|
||||
"net/url"
|
||||
"os"
|
||||
"path"
|
||||
"regexp"
|
||||
|
@ -44,9 +45,11 @@ func ServeFile(ctx *fasthttp.RequestCtx) {
|
|||
ServeNotFound(ctx)
|
||||
return
|
||||
}
|
||||
|
||||
// Convert all zero-width characters to normal string
|
||||
p = utils.ZWSToString(p)
|
||||
// Convert entire path to normal string if a zero-width character is detected at the beginning.
|
||||
// %2F = /, %F3%A0 = part of zero width character
|
||||
if strings.HasPrefix(url.QueryEscape(p), "%2F%F3%A0") {
|
||||
p = utils.ZWSToString(p)
|
||||
}
|
||||
|
||||
filePath := path.Join(global.Configuration.Storage.Directory, p)
|
||||
|
||||
|
|
|
@ -1,6 +1,9 @@
|
|||
package utils
|
||||
|
||||
import "strings"
|
||||
import (
|
||||
"fmt"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// hey yeah if it works and its stupid it aint stupid
|
||||
const characterIndex = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789."
|
||||
|
@ -50,6 +53,7 @@ func StringToZWS(baseStr string) string {
|
|||
func ZWSToString(encodedStr string) string {
|
||||
|
||||
rL := []rune(encodedStr)
|
||||
fmt.Println(len(rL))
|
||||
var finalStr string
|
||||
|
||||
for ind, r := range rL {
|
||||
|
@ -62,7 +66,7 @@ func ZWSToString(encodedStr string) string {
|
|||
}
|
||||
}
|
||||
if !match {
|
||||
finalStr += string(encodedStr[ind])
|
||||
finalStr += string(rL[ind])
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue