Closed mbarta closed 1 year ago
This PR adds checks for a path traversal attacks.
A malicious app can inject URIs of files with file names containing characters such as "../" that when resolved cause the file to be written to parent directories and even rewrite content of existing files.
The changes in this PR prevent this.
This PR adds checks for a path traversal attacks.
A malicious app can inject URIs of files with file names containing characters such as "../" that when resolved cause the file to be written to parent directories and even rewrite content of existing files.
The changes in this PR prevent this.