no issue - A path that begins with a double slash (`//host/...`) is interpreted as a network-path reference to another host, as specified in [RFC 1808](http://www.ietf.org/rfc/rfc1808.txt). Because of this behaviour the uncapitalise redirect created an open redirect. By collapsing repeated slashes in the path before redirecting we ensure such open redirects cannot be created. As an example, see the following URL: https://dev.ghost.org///Google.com/. This issue was reported by the pentesters of our product [LearningSpaces.io](http://learningspaces.io).
var url = require('url');
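/**
 * Collapses every run of `character` in `string` down to a single occurrence.
 *
 * Despite the name, runs of any length are collapsed, not only pairs:
 * `removeDoubleCharacters('/', '///a//b')` yields `/a/b`. Only the last
 * character of each run is kept.
 *
 * @param {string} character - single character whose runs are collapsed
 * @param {string} string - input string; must be a string, not null/undefined
 * @returns {string} the input with repeated `character`s collapsed
 */
function removeDoubleCharacters(character, string) {
    var collapsed = '';
    var i;

    for (i = 0; i < string.length; i += 1) {
        // Drop a character only when it is immediately followed by the same
        // character; the final one in a run is therefore always kept.
        if (string[i] === character && string[i + 1] === character) {
            continue;
        }

        collapsed += string[i];
    }

    return collapsed;
}

/**
 * Rebuilds `urlString` with repeated slashes in its path collapsed, so that a
 * path such as `///evil.com/` can no longer be interpreted by a browser as a
 * network-path (protocol-relative) reference `//evil.com/` when the result is
 * used as a redirect target (RFC 1808).
 *
 * Only the pathname is normalised; the query string and fragment are kept
 * verbatim, because a `//` after `?` or `#` cannot start a new authority and
 * collapsing it would corrupt URL-valued query parameters.
 *
 * NOTE(review): backslashes are not normalised here. Browsers treat `/\host`
 * much like `//host`, so confirm that the caller (or `url.parse`) handles
 * that variant before relying on this function alone.
 *
 * @param {string} urlString - absolute or relative URL, as understood by the
 *   legacy `url.parse`
 * @returns {string} the same URL with runs of `/` in the path collapsed
 */
function removeOpenRedirectFromUrl(urlString) {
    var parsedUrl = url.parse(urlString);

    // `url.parse` yields null for every absent component (e.g. for '' or
    // '#frag' the pathname is null), so each part must default to ''.
    return (
        (parsedUrl.protocol ? parsedUrl.protocol + '//' : '') + // http://
        // userinfo must be re-joined with '@', otherwise it fuses into the host
        (parsedUrl.auth ? parsedUrl.auth + '@' : '') +
        (parsedUrl.host || '') +
        removeDoubleCharacters('/', parsedUrl.pathname || '') +
        (parsedUrl.search || '') +
        (parsedUrl.hash || '')
    );
}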
// Sole export of this module. Presumably applied to a URL before it is used
// as a redirect target (the `///host` case from the commit message) — verify
// against the caller.
module.exports = removeOpenRedirectFromUrl;