From 06fef5549b3900be9d34820613861d7e0cd2c7b6 Mon Sep 17 00:00:00 2001
From: Piero Toffanin <pt@masseranolabs.com>
Date: Fri, 1 Feb 2019 16:20:03 -0500
Subject: [PATCH] Sanitization

---
 libs/taskNew.js | 3 ++-
 libs/utils.js   | 4 ++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/libs/taskNew.js b/libs/taskNew.js
index 782168c..4eb9091 100644
--- a/libs/taskNew.js
+++ b/libs/taskNew.js
@@ -30,6 +30,7 @@ const Task = require('./Task');
 const async = require('async');
 const odmInfo = require('./odmInfo');
 const request = require('request');
+const utils = require('./utils');
 
 const download = function(uri, filename, callback) {
     request.head(uri, function(err, res, body) {
@@ -62,7 +63,7 @@ const upload = multer({
             });
         },
         filename: (req, file, cb) => {
-            let filename = file.originalname;
+            let filename = utils.sanitize(file.originalname);
             if (filename === "body.json") filename = "_body.json";
             cb(null, filename);
         }
diff --git a/libs/utils.js b/libs/utils.js
index 1bb4563..5b6279b 100644
--- a/libs/utils.js
+++ b/libs/utils.js
@@ -13,5 +13,9 @@ module.exports = {
             }
         }	
         return defaultValue;
+    },
+
+    sanitize: function(filePath){
+        return filePath.replace(/(\/|\\)/g, "_");
     }
 };
\ No newline at end of file