zoriya/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2026-06-01 19:26:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clean file of .. or ./ before checking Abs. (#456)

Browse Source
This commit is contained in:
Zoe Roux
2024-04-30 19:04:21 +02:00
committed by GitHub
parent 316e5dd208 8ee280de87
commit f67a7b4fd4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
transcoder/utils.go
+1 -1
View File
@@ -30,7 +30,7 @@ func GetPath(c echo.Context) (string, string, error) {
if err != nil {
return "", "", echo.NewHTTPError(http.StatusBadRequest, "Invalid path. Should be base64 encoded.")
}
path := string(pathb)
path := filepath.Clean(string(pathb))
if !filepath.IsAbs(path) {
return "", "", echo.NewHTTPError(http.StatusBadRequest, "Absolute path required.")
}