From 3478b876a0314d2ff0a966d3b23149e20e995fe8 Mon Sep 17 00:00:00 2001
From: Richard Petersen <richard.petersen@open-xchange.com>
Date: Tue, 6 Sep 2022 12:46:23 +0200
Subject: [PATCH] Escape characters in mime types before creating the regexp
---
spec/file_caching_test.js | 17 +++++++++++++++++
src/files.js | 2 +-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/spec/file_caching_test.js b/spec/file_caching_test.js
index ce832a1..fd1dfd5 100644
--- a/spec/file_caching_test.js
+++ b/spec/file_caching_test.js
@@ -399,4 +399,21 @@ describe('File caching service', function () {
// check for files in redis
expect(await redis.client.getBuffer('ui-middleware:554855300:/file.mp3:body')).to.deep.equal(response.body)
})
+
+ it('does server svg as gzip (also escapes chars in regex)', async function () {
+ mockFetch({
+ 'http://ui-server': {
+ '/manifest.json': generateSimpleViteManifest({}),
+ '/file.svg': () => new Response([...new Array(2500)].join(' '), { headers: { 'content-type': 'image/svg+xml' } })
+ }
+ })
+ app = await mockApp()
+
+ const response = await request(app.server).get('/file.svg')
+ expect(response.statusCode).to.equal(200)
+ expect(response.headers['content-encoding']).to.equal('gzip')
+
+ // check for files in redis
+ expect(zlib.gunzipSync(await redis.client.getBuffer('ui-middleware:554855300:/file.svg:body'))).to.deep.equal(response.body)
+ })
})
diff --git a/src/files.js b/src/files.js
index 107ea8e..510dc09 100644
--- a/src/files.js
+++ b/src/files.js
@@ -10,7 +10,7 @@ import { promisify } from 'node:util'
const gzip = promisify(zlib.gzip)
const compressFileSize = Number(process.env.COMPRESS_FILE_SIZE)
-const compressionMimeTypes = (process.env.COMPRESS_FILE_TYPES || '').split(' ')
+const compressionMimeTypes = (process.env.COMPRESS_FILE_TYPES || '').replace(/([.+*?^$()[\]{}|])/g, '\\$1').split(' ')
const compressionWhitelistRegex = new RegExp(`^(${compressionMimeTypes.join('|')})$`)
export function createWritable (body) {
--
GitLab