From 9397c9a204b70b9ff3dbe6a468811a99f1b34a1f Mon Sep 17 00:00:00 2001 From: JerryImMouse Date: Sat, 15 Jun 2024 06:10:18 +0500 Subject: [PATCH] sanitize relative url --- Jerry.Utilities/HttpUtility/MainListener.cs | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/Jerry.Utilities/HttpUtility/MainListener.cs b/Jerry.Utilities/HttpUtility/MainListener.cs index 433d854..bc006fb 100644 --- a/Jerry.Utilities/HttpUtility/MainListener.cs +++ b/Jerry.Utilities/HttpUtility/MainListener.cs @@ -1,4 +1,6 @@ using System.Net; +using System.Text.Encodings.Web; +using System.Text.RegularExpressions; using Jerry.Utilities.Logging; using Jerry.Utilities.Logging.LogStructs; @@ -7,7 +9,7 @@ namespace Jerry.Utilities.HttpUtility; /// /// Wrapper around for ease use, provides simple interface to "talk" with some program using HTTP or creating an api /// -public class MainListener +public sealed class MainListener { private HttpListener _nativeListener = new(); public IHandlerGroup? HandlerGroup = null; @@ -23,7 +25,7 @@ public async Task StartListenAsync() { var rawCtx = await _nativeListener.GetContextAsync(); var ctx = new HttpContext(rawCtx); - Logger.Info($"Processing incoming connections from {ctx.RemoteEndPoint.Address}:{ctx.RemoteEndPoint.Port} to {ctx.RelativeUrl}"); + Logger.Info($"Processing incoming connections from {ctx.RemoteEndPoint.Address}:{ctx.RemoteEndPoint.Port} to {Sanitize(ctx.RelativeUrl)}"); // we are not waiting for task finishing Task.Run(() => ProcessContextAsync(ctx)); @@ -50,4 +52,10 @@ public void RegisterHandler(Func> handler) { _handlers.Add(handler); } + + private string Sanitize(string str) + { + var reg = new Regex(@"[^\w\.@-]"); + return reg.Replace(str, "_"); + } } \ No newline at end of file