Closed desertaxle closed 4 days ago
When loading collection view data from disk, we pass a user-provided string into a path without first checking the value. This PR adds a check to prevent inadvertent exposure of local files via the /collections/views/ route.
Should resolve https://github.com/PrefectHQ/prefect/security/code-scanning/2010
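
An added example, not code from this PR or from Prefect: one way to validate a user-supplied view name before it is used to build a file path, shown next to the unchecked pattern the description refers to. The function names, the `ALLOWED_VIEWS` set and the directory layout are assumptions made for illustration.

```python
import json
import tempfile
from pathlib import Path

ALLOWED_VIEWS = {"flows", "workers"}  # constructed view names

class InvalidViewName(ValueError):
    """The requested view name failed validation."""

def load_view_unchecked(base_dir: Path, view: str) -> dict:
    # Unsafe pattern: the request value is interpolated straight into the path.
    return json.loads((base_dir / f"{view}.json").read_text())

def load_view(base_dir: Path, view: str) -> dict:
    # 1. Allowlist: accept only view names the server ships.
    if view not in ALLOWED_VIEWS:
        raise InvalidViewName(view)
    # 2. Containment: after resolving symlinks and "..", the file must
    #    still sit inside the data directory.
    base = base_dir.resolve()
    candidate = (base / f"{view}.json").resolve()
    if base not in candidate.parents:
        raise InvalidViewName(view)
    return json.loads(candidate.read_text())

def demo() -> dict:
    """Build a constructed directory tree and run both loaders against it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        views = root / "views"
        views.mkdir()
        (views / "flows.json").write_text(json.dumps({"view": "flows"}))
        (root / "private.json").write_text(json.dumps({"secret": True}))
        # An allowlisted name whose file is a symlink leaving the directory.
        (views / "workers.json").symlink_to(root / "private.json")
        results = {
            "unchecked": load_view_unchecked(views, "../private"),
            "flows": load_view(views, "flows"),
        }
        for name in ("../private", "flows/../../private", "", "workers"):
            try:
                load_view(views, name)
                results[name] = "loaded"
            except InvalidViewName:
                results[name] = "rejected"
        return results

if __name__ == "__main__":
    print(demo())
```

The allowlist alone stops names that contain path separators; the containment check covers the case where an allowlisted file inside the directory is itself a link to somewhere else.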