agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-24 17:51:51 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,839 Commits 3 Branches 19 Tags
56dcbefb5b4dad0e2aaa6e4ab8311d8acdba004b
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Simon Detheridge 56dcbefb5b Check for safe paths in all ProjectEntityHandler methods 
Some import mechanisms (for example, Github project import) call methods such as 'upsert*' directly, bypassing existing filename checks.

Added checks to all methods in ProjectEntityHandler that can create or rename a file.

bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 15:31:04 +01:00
services/web
Check for safe paths in all ProjectEntityHandler methods
2018-10-08 15:31:04 +01:00
Description
No description provided
AGPL-3.0 242 MiB
Languages
JavaScript 62.9%
TypeScript 29.4%
SCSS 2.6%
Java 2.1%
Pug 0.8%
Other 2.1%