是否有一种方法可以限制 Expressjs 中允许的 uri 字符。 例如设置字符变量 :
allowed_uri_chars = a-zA-Z0-9 ; etc
最合乎逻辑和最简单的方法就是 在某种中间软件中使用正方形:
var url = require("url");
app.use(function(req, res, next) {
var pathname = url.parse(req.url).pathname;
if(!pathname.match(/^[a-z0-9/]+$/i)) return res.send(403);
next();
});
或者,因为 URL 已经被 Express 解析了, 但是它并没有公开曝光, 您可能想要节省一个电话来分析并依靠 Express 内部( 我建议 ) :
app.use(function(req, res, next) {
if(!req._parsedUrl.pathname.match(/^[a-z0-9/]+$/i)) return res.send(403);
next();
});
这确保了您的路径名( http://example.com/foo/bar?id=1334 ,路径名为 /foo/bar )仅包含字母、数字和斜线。 如果不是,它会产生403。
您不能用正方块解析授权字符吗?
还是你的意思是直接在路线上?
How to get a selected text inside a iframe. I my page i m having a iframe which is editable true. So how can i get the selected text in that iframe.
I would like to click a link in my page using javascript. I would like to Fire event handlers on the link without navigating. How can this be done? This has to work both in firefox and Internet ...
Heres the problem, In Masterpage, the google analytics code were pasted before the end of body tag. In ASPX page, I need to generate a script (google addItem tracker) using codebehind ClientScript ...
Is there a reliable way to access the client machine s clipboard using Javascript? I continue to run into permissions issues when attempting to do this. How does Google Docs do this? Do they use ...
I have a large javascript which I didn t write but I need to use it and I m slowely going trough it trying to figure out what does it do and how, I m using alert to print out what it does but now I ...
Is it possible for someone to give me a few pointers on how to display a multidimensional array in the form of a bar graph? The array is multidimensional, with three elements in each part - and the ...
Is it possible to reload a form after file-input change? I have a form where the user can chose an image for upload. I also have a php script which displays that image resized. I only wonder if it ...
I ve made a little forum and I want parse the date on newest posts like twitter, you know "posted 40 minutes ago ","posted 1 hour ago"... What s the best way ? Thanx.