1 const os
= require("os");
3 const useWebRootServerSideScript
=
4 process
.serverConfig
.useWebRootServerSideScript
;
6 module
.exports
= (req
, res
, logFacilities
, config
, next
) => {
7 if (useWebRootServerSideScript
) {
8 let decodedHrefWithoutDuplicateSlashes
= "";
10 decodedHrefWithoutDuplicateSlashes
= decodeURIComponent(
11 req
.parsedURL
.pathname
12 ).replace(/\/+/g, "/");
13 // eslint-disable-next-line no-unused-vars
19 // Forbid access to server-side JavaScript, if it is in the webroot.
21 decodedHrefWithoutDuplicateSlashes
== "/serverSideScript.js" ||
22 (os
.platform() == "win32" &&
23 decodedHrefWithoutDuplicateSlashes
.toLowerCase() ==
24 "/serversidescript.js")
27 logFacilities
.errmessage("Access to server-side JavaScript is denied.");
35 module
.exports
.proxySafe
= true;