Sanitizing 'type' parameter to prevent Full Path Disclosure.

alanshaw / david-www

:eyeglasses: David helps keep your Node.js project dependencies up to date.

https://david-dm.org

MIT License

729 stars 131 forks source link

Sanitizing 'type' parameter to prevent Full Path Disclosure. #364

Closed omartrigui closed 7 years ago

alanshaw commented 7 years ago

Thanks for the PR, I think this fix needs to be made in the server side route handlers wherever we're using the "type" parameter rather than in the client side code.