search

patrickhener / goshs

A SimpleHTTPServer written in Go, enhanced with features and with a nice design - https://goshs.de
MIT License
293 stars 22 forks source link

Fix code scanning alert - Uncontrolled data used in path expression #54

Closed patrickhener closed 11 months ago

patrickhener commented 1 year ago

Tracking issue for:

patrickhener commented 1 year ago

Need to sanitize path on delete function. Otherwise one can delete arbitrary files through path traversal.

patrickhener commented 11 months ago

should be fixed with commit ffe8319