From 0b58413d93655f242e3ae8339ad6b3778518fed4 Mon Sep 17 00:00:00 2001
From: Haider Ali <rmha64@gmail.com>
Date: Sat, 20 Jan 2024 20:55:44 +0500
Subject: [PATCH 1/4] Do not serve files when path ends with /

---
 index.js | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 90fbd4f..1b37a16 100644
--- a/index.js
+++ b/index.js
@@ -605,12 +605,16 @@ SendStream.prototype.sendFile = function sendFile (path) {
 
   debug('stat "%s"', path)
   fs.stat(path, function onstat (err, stat) {
-    if (err && err.code === 'ENOENT' && !extname(path) && path[path.length - 1] !== sep) {
+    var pathEndsWithSep = path[path.length - 1] === sep
+    
+    if (err && err.code === 'ENOENT' && !extname(path) && !pathEndsWithSep) {
       // not found, check extensions
       return next(err)
     }
     if (err) return self.onStatError(err)
     if (stat.isDirectory()) return self.redirect(path)
+    if(pathEndsWithSep) return self.error(404)
+    
     self.emit('file', path, stat)
     self.send(path, stat)
   })

From 899e44fcde68c60c02ce64ffe91efd6663868a78 Mon Sep 17 00:00:00 2001
From: Haider Ali <rmha64@gmail.com>
Date: Sat, 20 Jan 2024 21:59:26 +0500
Subject: [PATCH 2/4] lint

---
 index.js | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/index.js b/index.js
index 1b37a16..342210c 100644
--- a/index.js
+++ b/index.js
@@ -606,15 +606,13 @@ SendStream.prototype.sendFile = function sendFile (path) {
   debug('stat "%s"', path)
   fs.stat(path, function onstat (err, stat) {
     var pathEndsWithSep = path[path.length - 1] === sep
-    
     if (err && err.code === 'ENOENT' && !extname(path) && !pathEndsWithSep) {
       // not found, check extensions
       return next(err)
     }
     if (err) return self.onStatError(err)
     if (stat.isDirectory()) return self.redirect(path)
-    if(pathEndsWithSep) return self.error(404)
-    
+    if (pathEndsWithSep) return self.error(404)
     self.emit('file', path, stat)
     self.send(path, stat)
   })

From 32c314dc9f7ec6a76ddd42f666674a917a0c9ec5 Mon Sep 17 00:00:00 2001
From: Haider Ali <rmha64@gmail.com>
Date: Sat, 18 May 2024 08:40:04 +0500
Subject: [PATCH 3/4] Adding test case

---
 test/send.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/test/send.js b/test/send.js
index 050e4b9..e946000 100644
--- a/test/send.js
+++ b/test/send.js
@@ -1194,6 +1194,12 @@ describe('send(file, options)', function () {
         .get('/')
         .expect(200, /tobi/, done)
     })
+
+    it('should 404 if file path contains tralling slash (windows)', function (done) {
+      request(createServer({ root: fixtures, index: false }))
+        .get('/tobi.html/')
+        .expect(404, done)
+    })
   })
 
   describe('root', function () {

From 9606e7c0fa1eb47507efb4a882a13722f76c4db3 Mon Sep 17 00:00:00 2001
From: Haider Ali <rmha64@gmail.com>
Date: Tue, 23 Jul 2024 20:21:54 +0500
Subject: [PATCH 4/4] fix: typo

---
 test/send.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/send.js b/test/send.js
index e946000..e399163 100644
--- a/test/send.js
+++ b/test/send.js
@@ -1195,7 +1195,7 @@ describe('send(file, options)', function () {
         .expect(200, /tobi/, done)
     })
 
-    it('should 404 if file path contains tralling slash (windows)', function (done) {
+    it('should 404 if file path contains trailing slash (windows)', function (done) {
       request(createServer({ root: fixtures, index: false }))
         .get('/tobi.html/')
         .expect(404, done)