Closed aomarks closed 7 years ago
The send library already ensures we don't serve files outside our root directory, but it doesn't hurt to check ourselves too. This also prevents a subtle way to probe if a file exists, even if you couldn't read it.
The send library already ensures we don't serve files outside our root directory, but it doesn't hurt to check ourselves too. This also prevents a subtle way to probe if a file exists, even if you couldn't read it.