lines changed Original file line number Diff line number Diff line change @@ -100,21 +100,31 @@ exports.disposition = function (header) {
100100 throw Boom . badRequest ( 'Invalid content-disposition header format includes invalid parameters' ) ;
101101 }
102102
103+ let value ;
104+
103105 if ( $2 ) {
104106 if ( ! $3 ) {
105107 throw Boom . badRequest ( 'Invalid content-disposition header format includes invalid parameters' ) ;
106108 }
107109
108110 try {
109- result [ $1 ] = decodeURIComponent ( $3 . split ( '\'' ) [ 2 ] ) ;
111+ value = decodeURIComponent ( $3 . split ( '\'' ) [ 2 ] ) ;
110112 }
111113 catch ( err ) {
112114 throw Boom . badRequest ( 'Invalid content-disposition header format includes invalid parameters' ) ;
113115 }
114116 }
115117 else {
116- result [ $1 ] = $4 || $5 || '' ;
118+ value = $4 || $5 || '' ;
119+ }
120+
121+ if ( $1 === 'name' &&
122+ value === '__proto__' ) {
123+
124+ throw Boom . badRequest ( 'Invalid content-disposition header format includes invalid parameters' ) ;
117125 }
126+
127+ result [ $1 ] = value ;
118128 } ) ;
119129
120130 if ( ! result . name ) {
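Review bot: The new guard at the `if ( $1 === 'name' && value === '__proto__' )` check carries no comment, and nothing in the hunk says why a parameter *value* (rather than a parameter name, which the existing `__proto__=x` rejection already covers) is dangerous; a reader will assume it is a typo-level duplicate of that earlier check. I would add above it `// A part named '__proto__' would let a multipart body pollute Object.prototype in any consumer that stores parts as form[name]; reject it here rather than trust every caller.` The check is a single-string denylist, which is fine for `__proto__` since that is the only key whose plain assignment rewrites the prototype; whether `constructor`/`prototype` also need rejecting depends on how consumers index by `name`, which is not visible here. Note the check runs after `decodeURIComponent` in the `$2` branch, so the percent-encoded `name*=` form is covered too — worth a sentence in the comment so nobody "optimises" the check to the quoted branch only. `exports.disposition` starts before this hunk and its body continues past `if (!result.name)` after it.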
Original file line number Diff line number Diff line change @@ -169,4 +169,10 @@ describe('disposition()', () => {
169169 const header = 'form-data; name="file"; filename=file.jpg; __proto__=x' ;
170170 expect ( ( ) => Content . disposition ( header ) ) . to . throw ( 'Invalid content-disposition header format includes invalid parameters' ) ;
171171 } ) ;
172+
173+ it ( 'errors on __proto__ name param value' , ( ) => {
174+
175+ const header = 'form-data; name="__proto__"; filename=file.jpg' ;
176+ expect ( ( ) => Content . disposition ( header ) ) . to . throw ( 'Invalid content-disposition header format includes invalid parameters' ) ;
177+ } ) ;
172178} ) ;
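Review bot: The new test `errors on __proto__ name param value` exercises only the quoted-string form `name="__proto__"`, but the guard it covers sits after `decodeURIComponent` in the extended-parameter branch, which is exactly the path an attacker would use to smuggle the value past a naive check. Assuming the parser accepts the RFC 5987 `name*=charset''value` form that the `$2`/`$3` branch decodes, add a second case such as `const header = 'form-data; name*=utf-8\'\'%5F%5Fproto%5F%5F; filename=file.jpg';` with the same `.to.throw(...)` expectation. A third case asserting that an ordinary quoted name like `name="proto"` still parses would pin that the check does not over-match. The enclosing `describe('disposition()')` block starts before this hunk.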