Skip to content

Commit

Permalink
Fix an issue where the redirects of potentially malicious images were…
Browse files Browse the repository at this point in the history
… not going through. (#2666)
  • Loading branch information
emmerich authored Dec 30, 2024
1 parent db74ea3 commit e86e51f
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 3 deletions.
5 changes: 5 additions & 0 deletions .changeset/fuzzy-crabs-argue.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'gitbook': minor
---

Fix an issue where the redirects of potentially malicious images were not going through.
6 changes: 3 additions & 3 deletions packages/gitbook/src/app/(global)/~gitbook/image/route.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { NextRequest } from 'next/server';
import { NextRequest, NextResponse } from 'next/server';

import {
CURRENT_SIGNATURE_VERSION,
Expand Down Expand Up @@ -45,7 +45,7 @@ export async function GET(request: NextRequest) {
}

if (signatureVersion !== CURRENT_SIGNATURE_VERSION) {
return Response.redirect(url, 302);
return NextResponse.redirect(url, 302);
}

// Cloudflare-specific options are in the cf object.
Expand Down Expand Up @@ -92,7 +92,7 @@ export async function GET(request: NextRequest) {
return response;
} catch (error) {
// Redirect to the original image if resizing fails
return Response.redirect(url, 302);
return NextResponse.redirect(url, 302);
}
}

Expand Down

0 comments on commit e86e51f

Please sign in to comment.