OpenDroneMap-WebODM/app/security.py

12 wiersze
433 B
Python
Czysty Zwykły widok Historia

2020-04-02 20:58:58 +00:00
from django.core.exceptions import SuspiciousFileOperation
import os
def path_traversal_check(unsafe_path, known_safe_path):
known_safe_path = os.path.abspath(known_safe_path)
unsafe_path = os.path.abspath(unsafe_path)
if (os.path.commonprefix([known_safe_path, unsafe_path]) != known_safe_path):
raise SuspiciousFileOperation("{} is not safe".format(unsafe_path))
# Passes the check
return unsafe_path