ensure that the internal code_update URL is hit *precisely* to reduce the risk...

ensure that the internal code_update URL is hit *precisely* to reduce the risk of improperly configured servers and sloppy expressjs routing letting just anyone reboot a server. bug #699171

ensure that the internal code_update URL is hit precisely to reduce the risk...
ensure that the internal code_update URL is hit *precisely* to reduce the risk of improperly configured servers and sloppy expressjs routing letting just anyone reboot a server. bug #699171
b3d862bb · Lloyd Hilaiel · 989aeb74 · b3d862bb
Commit b3d862bb authored 13 years ago by Lloyd Hilaiel
--- a/lib/shutdown.js
+++ b/lib/shutdown.js
@@ -111,9 +111,15 @@ exports.handleTerminationSignals = function(app, callback) {
  process.on('SIGINT', endIt('INT')).on('SIGTERM', endIt('TERM')).on('SIGQUIT', endIt('QUIT'));
 };

+const CODE_UPDATE_URL = '/code_update';
+
 exports.installUpdateHandler = function(app, callback) {
  var terminate = connectionListener(app);
-  app.get('/code_update', function(req, resp, next) {
+  app.get(CODE_UPDATE_URL, function(req, resp, next) {
+    // don't allow an imprecise match (like one with a trailing slash) to shut the server down.
+    // bug #699171
+    if (req.url !== CODE_UPDATE_URL) return next();
+
    logger.warn("code updated.  closing " + app.connections + " connections and shutting down.");
    terminate(callback);
  });