Skip to content

Commit 6a1fbb8

Browse files
rachmarirachmari
authored
prevent paths starting with /\. (#54892)
1 parent 44128c3 commit 6a1fbb8

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/shielding/middleware/handle-invalid-paths.ts

+1-1
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ import { ExtendedRequest } from '@/types'
77
// one of these.
88
// These are clearly intentional "guesses" made by some sort of
99
// pen-testing bot.
10-
const JUNK_STARTS = ['///', '/\\']
10+
const JUNK_STARTS = ['///', '/\\', '/\\.']
1111
const JUNK_ENDS = [
1212
'/package.json',
1313
'/package-lock.json',

0 commit comments

Comments
 (0)