lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

url: ~ is not actually an unwise char

v0.11.1-release
isaacs 12 years ago
parent
17a379ec39
commit
881ef7cc5f
2 changed files with 4 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      lib/url.js
  2. 6
      test/simple/test-url.js

2
lib/url.js
View File

@ -54,7 +54,7 @@ var protocolPattern = /^([a-z0-9.+-]+:)/i,
delims = ['<', '>', '"', '`', ' ', '\r', '\n', '\t'],
// RFC 2396: characters not allowed for various reasons.
unwise = ['{', '}', '|', '\\', '^', '~', '`'].concat(delims),
unwise = ['{', '}', '|', '\\', '^', '`'].concat(delims),
// Allowed by RFCs, but cause of XSS attacks. Always escape these.
autoEscape = ['\''].concat(unwise),

6
test/simple/test-url.js
View File

@ -747,9 +747,9 @@ var parseTests = {
host: 'x:1',
port: '1',
hostname: 'x',
pathname: '/%27%20%3C%3E%22%60/%7B%7D%7C%5C%5E%7E%60/',
path: '/%27%20%3C%3E%22%60/%7B%7D%7C%5C%5E%7E%60/',
href: 'http://x:1/%27%20%3C%3E%22%60/%7B%7D%7C%5C%5E%7E%60/'
pathname: '/%27%20%3C%3E%22%60/%7B%7D%7C%5C%5E~%60/',
path: '/%27%20%3C%3E%22%60/%7B%7D%7C%5C%5E~%60/',
href: 'http://x:1/%27%20%3C%3E%22%60/%7B%7D%7C%5C%5E~%60/'
},
};

Write Preview
Loading…
Cancel
Save