2015-06-10 14:18:31 -05:00
|
|
|
// # uncapitalise Middleware
|
|
|
|
// Usage: uncapitalise(req, res, next)
|
|
|
|
// After:
|
|
|
|
// Before:
|
|
|
|
// App: Admin|Blog|API
|
|
|
|
//
|
|
|
|
// Detect upper case in req.path.
|
2016-10-10 14:14:32 -05:00
|
|
|
//
|
|
|
|
// Example req:
|
|
|
|
// req.originalUrl = /blog/ghost/signin/?asdAD=asdAS
|
|
|
|
// req.url = /ghost/signin/?asdAD=asdAS
|
|
|
|
// req.baseUrl = /blog
|
|
|
|
// req.path = /ghost/signin/
|
2015-06-10 14:18:31 -05:00
|
|
|
|
|
|
|
var utils = require('../utils'),
|
|
|
|
uncapitalise;
|
|
|
|
|
|
|
|
uncapitalise = function uncapitalise(req, res, next) {
|
2016-10-10 14:14:32 -05:00
|
|
|
var pathToTest = (req.baseUrl ? req.baseUrl : '') + req.path,
|
|
|
|
isSignupOrReset = pathToTest.match(/^(.*\/ghost\/(signup|reset)\/)/i),
|
|
|
|
isAPI = pathToTest.match(/^(.*\/ghost\/api\/v[\d\.]+\/.*?\/)/i),
|
2016-08-23 06:47:59 -05:00
|
|
|
redirectPath;
|
2015-06-10 14:18:31 -05:00
|
|
|
|
|
|
|
if (isSignupOrReset) {
|
|
|
|
pathToTest = isSignupOrReset[1];
|
|
|
|
}
|
|
|
|
|
|
|
|
// Do not lowercase anything after /api/v0.1/ to protect :key/:slug
|
|
|
|
if (isAPI) {
|
|
|
|
pathToTest = isAPI[1];
|
|
|
|
}
|
|
|
|
|
2015-09-24 08:40:48 -05:00
|
|
|
/**
|
|
|
|
* In node < 0.11.1 req.path is not encoded, afterwards, it is always encoded such that | becomes %7C etc.
|
|
|
|
* That encoding isn't useful here, as it triggers an extra uncapitalise redirect, so we decode the path first
|
|
|
|
*/
|
|
|
|
if (/[A-Z]/.test(decodeURIComponent(pathToTest))) {
|
2016-08-23 06:47:59 -05:00
|
|
|
redirectPath = (
|
2016-10-10 14:14:32 -05:00
|
|
|
utils.removeOpenRedirectFromUrl((req.originalUrl || req.url).replace(pathToTest, pathToTest.toLowerCase()))
|
2016-08-23 06:47:59 -05:00
|
|
|
);
|
|
|
|
|
|
|
|
res.set('Cache-Control', 'public, max-age=' + utils.ONE_YEAR_S);
|
|
|
|
res.redirect(301, redirectPath);
|
2015-06-10 14:18:31 -05:00
|
|
|
} else {
|
|
|
|
next();
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
|
|
|
module.exports = uncapitalise;
|