From 8d6864f145ff08fefd938e30692be60fb65bd4c9 Mon Sep 17 00:00:00 2001
From: qkqpttgf <45693631+qkqpttgf@users.noreply.github.com>
Date: Fri, 18 Feb 2022 18:24:13 +0800
Subject: [PATCH] fix: can read js in ../

---
 common.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/common.php b/common.php
index 41991b6..38d2adc 100644
--- a/common.php
+++ b/common.php
@@ -177,6 +177,7 @@ function main($path)
     if (isset($_GET['jsFile'])) {
         if (substr($_GET['jsFile'], -3)!='.js') return output('', 403);
         if (!($path==''||$path=='/')) return output('', 308, [ 'Location' => path_format($_SERVER['base_path'] . '/?jsFile=' . $_GET['jsFile']) ]);
+        if (strpos($_GET['jsFile'], '/')>-1) $_GET['jsFile'] = splitlast($_GET['jsFile'], '/')[1];
         $jsFile = file_get_contents('js/' . $_GET['jsFile']);
         if (!!$jsFile) {
             return output( base64_encode($jsFile), 200, [ 'Content-Type' => 'text/javascript; charset=utf-8', 'Cache-Control' => 'max-age=' . 3*24*60*60 ], true );