Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle null byte when serving static files #1574

Merged
merged 2 commits into from Mar 13, 2020
Merged

Handle null byte when serving static files #1574

merged 2 commits into from Mar 13, 2020

Conversation

makushline
Copy link
Contributor

This is raising an exception on a production application I am running. This should be fine since nil is an acceptable return type of the method.

@jkowens
Copy link
Member

jkowens commented Oct 25, 2019
edited

Rack has a utility method valid_path? that checks to see if it contains a null byte. If it's not a valid path that could be part of the return condition. Can you also add a test for this scenario?

https://github.com/rack/rack/blob/c8d0f2bb35d0abaab3a02fe7eec41bb2d9e68ddf/lib/rack/utils.rb#L598

@makushline makushline force-pushed the handle-null-byte branch 2 times, most recently from e5eb221 to 4c0b634 Compare January 3, 2020 22:29
@makushline
Copy link
Contributor Author

@jkowens I missed your note and I had snoozed the errors on my application for some time. It's only when they came again that I remember about the open PR.

@jkowens jkowens requested a review from namusyaka January 3, 2020 22:58
@jkowens
Copy link
Member

jkowens commented Jan 3, 2020

LGTM, thanks! I'll see if @namusyaka can review 👍

namusyaka
namusyaka requested changes Jan 7, 2020
View reviewed changes
Copy link
Member

@namusyaka namusyaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think the change is reasonable, left some comments.

lib/sinatra/base.rb Outdated Show resolved Hide resolved
test/static_test.rb Show resolved Hide resolved
@makushline makushline force-pushed the handle-null-byte branch 2 times, most recently from d9bf16c to d7313ca Compare January 17, 2020 19:26
jkowens
jkowens reviewed Mar 10, 2020
View reviewed changes
lib/sinatra/base.rb Outdated Show resolved Hide resolved
@jkowens jkowens merged commit 3cc2394 into sinatra:master Mar 13, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkowens jkowens jkowens left review comments

@namusyaka namusyaka namusyaka requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@makushline @jkowens @namusyaka