Home Explore Help
Sign In
cpp
/
cpp-httplib
mirror of https://github.com/tazdij/cpp-httplib.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

Fix #1768

yhirose 1 year ago
parent
82a90a2325
commit
762024b890
2 changed files with 7 additions and 0 deletions
Unified View Show Diff Stats
  1. 1 0
      httplib.h
  2. 6 0
      test/test.cc

+ 1 - 0
httplib.h
View File 

@@ -2418,6 +2418,7 @@ inline bool is_valid_path(const std::string &path) {
 
     auto beg = i;
 
     auto beg = i;
 
     while (i < path.size() && path[i] != '/') {
 
     while (i < path.size() && path[i] != '/') {
 
       if (path[i] == '\0') { return false; }
 
       if (path[i] == '\0') { return false; }
 
+      else if (path[i] == '\\') { return false; }
 
       i++;
 
       i++;
 
     }
 
     }

+ 6 - 0
test/test.cc
View File 

@@ -2509,6 +2509,12 @@ TEST_F(ServerTest, GetMethodOutOfBaseDirMount2) {
 
   EXPECT_EQ(StatusCode::NotFound_404, res->status);
 
   EXPECT_EQ(StatusCode::NotFound_404, res->status);
 
 }
 
 }
 
 
 
+TEST_F(ServerTest, GetMethodOutOfBaseDirMountWithBackslash) {
 
+  auto res = cli_.Get("/mount/%2e%2e%5c/www2/dir/test.html");
 
+  ASSERT_TRUE(res);
 
+  EXPECT_EQ(StatusCode::NotFound_404, res->status);
 
+}
 
+
 
 TEST_F(ServerTest, PostMethod303) {
 
 TEST_F(ServerTest, PostMethod303) {
 
   auto res = cli_.Post("/1", "body", "text/plain");
 
   auto res = cli_.Post("/1", "body", "text/plain");
 
   ASSERT_TRUE(res);
 
   ASSERT_TRUE(res);