mirror of
https://github.com/actix/actix-website
synced 2024-11-27 18:12:57 +01:00
static-files: Fix warning annotation (#344)
This commit is contained in:
parent
389681aa07
commit
6fea6cd0ca
@ -10,7 +10,9 @@ It is possible to serve static files with a custom path pattern and `NamedFile`.
|
|||||||
|
|
||||||
<CodeBlock example="static-files" file="main.rs" section="individual-file" />
|
<CodeBlock example="static-files" file="main.rs" section="individual-file" />
|
||||||
|
|
||||||
:::warning Matching a path tail with the `[.*]` regex and using it to return a `NamedFile` has serious security implications. It offers the possibility for an attacker to insert `../` into the URL and access every file on the host that the user running the server has access to. :::
|
:::warning
|
||||||
|
Matching a path tail with the `[.*]` regex and using it to return a `NamedFile` has serious security implications. It offers the possibility for an attacker to insert `../` into the URL and access every file on the host that the user running the server has access to.
|
||||||
|
:::
|
||||||
|
|
||||||
## Directory
|
## Directory
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user