From 497f5f3c3b1f0c5ffc992ae84ce0721b4275a2fd Mon Sep 17 00:00:00 2001
From: "julian.baeume" <julian.baeume@open-xchange.com>
Date: Tue, 6 Sep 2022 16:51:17 +0000
Subject: [PATCH] Fix: Compression allowlist Regex too greedy

Root cause: mime types might contain charset information
Solution: be more relaxed about anything following the actual mime type
---
 src/files.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/files.js b/src/files.js
index 510dc09..e04fc3b 100644
--- a/src/files.js
+++ b/src/files.js
@@ -11,7 +11,8 @@ const gzip = promisify(zlib.gzip)
 
 const compressFileSize = Number(process.env.COMPRESS_FILE_SIZE)
 const compressionMimeTypes = (process.env.COMPRESS_FILE_TYPES || '').replace(/([.+*?^$()[\]{}|])/g, '\\$1').split(' ')
-const compressionWhitelistRegex = new RegExp(`^(${compressionMimeTypes.join('|')})$`)
+const compressionWhitelistRegex = new RegExp(`^(${compressionMimeTypes.join('|')})($|;)`, 'i')
+
 
 export function createWritable (body) {
   if (typeof body !== 'string' && !(body instanceof Buffer)) return JSON.stringify(body)
-- 
GitLab