issues
search
NVIDIA
/
NeMo-Guardrails
NeMo Guardrails is an open-source toolkit for easily adding programmable guardrails to LLM-based conversational systems.
Other
4.22k
stars
402
forks
source link
Fix path traversal check
#623
Closed
Pouyanpi
closed
4 months ago
Pouyanpi
commented
4 months ago
This PR includes three key fixes:
Prevents path traversal in the
_get_rails
function by rejecting config_ids that contain dangerous characters or sequences.
Removes an unnecessary path check in the
_get_rails
function, simplifies the code and reducing the chance of errors.
Modifies the server command in the CLI to correctly expand user paths, allowing for paths starting with '~' to be used.
fixes [4706127]
This PR includes three key fixes:
_get_railsfunction by rejecting config_ids that contain dangerous characters or sequences._get_railsfunction, simplifies the code and reducing the chance of errors.fixes [4706127]