mirror of
https://github.com/ether/etherpad-lite.git
synced 2025-01-19 14:13:34 +01:00
Bugfix for not loading plugins until after db, plus moved padursanitize into own module
This commit is contained in:
parent
e3770e42b6
commit
0730eb5b8d
3 changed files with 41 additions and 32 deletions
29
node/padurlsanitize.js
Normal file
29
node/padurlsanitize.js
Normal file
|
@ -0,0 +1,29 @@
|
|||
var padManager = require('./db/PadManager');
|
||||
|
||||
exports.expressServer = function (hook_name, args, cb) {
|
||||
//redirects browser to the pad's sanitized url if needed. otherwise, renders the html
|
||||
args.app.param('pad', function (req, res, next, padId) {
|
||||
//ensure the padname is valid and the url doesn't end with a /
|
||||
if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
|
||||
{
|
||||
res.send('Such a padname is forbidden', 404);
|
||||
}
|
||||
else
|
||||
{
|
||||
padManager.sanitizePadId(padId, function(sanitizedPadId) {
|
||||
//the pad id was sanitized, so we redirect to the sanitized version
|
||||
if(sanitizedPadId != padId)
|
||||
{
|
||||
var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
|
||||
res.header('Location', real_path);
|
||||
res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
|
||||
}
|
||||
//the pad id was fine, so just render it
|
||||
else
|
||||
{
|
||||
next();
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
}
|
|
@ -70,6 +70,12 @@ exports.maxAge = 1000*60*60*6;
|
|||
log4js.setGlobalLogLevel(settings.loglevel);
|
||||
|
||||
async.waterfall([
|
||||
//initalize the database
|
||||
function (callback)
|
||||
{
|
||||
db.init(callback);
|
||||
},
|
||||
|
||||
plugins.update,
|
||||
|
||||
function (callback) {
|
||||
|
@ -79,11 +85,6 @@ async.waterfall([
|
|||
callback();
|
||||
},
|
||||
|
||||
//initalize the database
|
||||
function (callback)
|
||||
{
|
||||
db.init(callback);
|
||||
},
|
||||
//initalize the http server
|
||||
function (callback)
|
||||
{
|
||||
|
@ -97,33 +98,6 @@ async.waterfall([
|
|||
next();
|
||||
});
|
||||
|
||||
|
||||
//redirects browser to the pad's sanitized url if needed. otherwise, renders the html
|
||||
app.param('pad', function (req, res, next, padId) {
|
||||
//ensure the padname is valid and the url doesn't end with a /
|
||||
if(!padManager.isValidPadId(padId) || /\/$/.test(req.url))
|
||||
{
|
||||
res.send('Such a padname is forbidden', 404);
|
||||
}
|
||||
else
|
||||
{
|
||||
padManager.sanitizePadId(padId, function(sanitizedPadId) {
|
||||
//the pad id was sanitized, so we redirect to the sanitized version
|
||||
if(sanitizedPadId != padId)
|
||||
{
|
||||
var real_path = req.path.replace(/^\/p\/[^\/]+/, '/p/' + sanitizedPadId);
|
||||
res.header('Location', real_path);
|
||||
res.send('You should be redirected to <a href="' + real_path + '">' + real_path + '</a>', 302);
|
||||
}
|
||||
//the pad id was fine, so just render it
|
||||
else
|
||||
{
|
||||
next();
|
||||
}
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
//load modules that needs a initalized db
|
||||
readOnlyManager = require("./db/ReadOnlyManager");
|
||||
exporthtml = require("./utils/ExportHtml");
|
||||
|
|
|
@ -11,6 +11,12 @@
|
|||
"hooks": {
|
||||
"expressServer": "../specialpages:expressServer"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "padurlsanitize",
|
||||
"hooks": {
|
||||
"expressServer": "../padurlsanitize:expressServer"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue