about summary refs log tree commit diff stats
path: root/src/loader/cgi.nim
diff options
context:
space:
mode:
Diffstat (limited to 'src/loader/cgi.nim')
-rw-r--r--src/loader/cgi.nim6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/loader/cgi.nim b/src/loader/cgi.nim
index d94a2243..b0341a59 100644
--- a/src/loader/cgi.nim
+++ b/src/loader/cgi.nim
@@ -54,7 +54,11 @@ proc loadCGI*(handle: LoaderHandle, request: Request, cgiDir: seq[string]) =
   if cgiDir.len == 0:
     discard handle.sendResult(ERROR_NO_CGI_DIR)
     return
-  let path = percentDecode(request.url.pathname)
+  var path = percentDecode(request.url.pathname)
+  if path.startsWith("/cgi-bin/"):
+    path.delete(0 .. "/cgi-bin/".high)
+  elif path.startsWith("/$LIB/"):
+    path.delete(0 .. "/$LIB/".high)
   if path == "" or request.url.hostname != "":
     discard handle.sendResult(ERROR_INVALID_CGI_PATH)
     return
generated by cgit-pink 1.4.1-2-gfad0 (git 2.36.2.497.gbbea4dcf42) at 2025-02-05 15:28:26 +0000