vbrandl/fotochallenge
Archived
1
0
Fork 0
Code Issues 4 Pull Requests 3 Actions Packages Projects Releases Activity

Platform independent path validation
All checks were successful
/ Misc Linters (push) Successful in 27s
Details
/ Misc Linters (pull_request) Successful in 20s
Details
/ Build App (pull_request) Successful in 58s
Details
/ Build App (push) Successful in 47s
Details

Browse Source
This commit is contained in:
Valentin Brandl 2024-08-17 14:59:55 +02:00
parent 1f846bd5fe
commit 6615e2788a
Signed by: vbrandl
GPG Key ID: CAD4DA1A789125F9
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/lib/index.ts
View File

@ -7,9 +7,9 @@ function safePath(basePath: string, name: string): boolean {
return (
!!relative &&
// does move out of `basePath`
!relative.startsWith('..') &&
!relative.startsWith(`..${path.sep}`) &&
// exactly one layer deep, e.g. no `./uplodas/foo/bar`
!relative.includes('/') &&
!relative.includes(path.sep) &&
// result is not an absolute path
!path.isAbsolute(relative)
);