diff options
| author | Adam Cammack <[email protected]> | 2013-02-15 17:32:55 -0600 |
|---|---|---|
| committer | Adam Cammack <[email protected]> | 2013-02-16 02:13:19 -0600 |
| commit | a9294e0f5079d8a7a424cdffc7d5f22ec94825c5 (patch) | |
| tree | 066be530722d077e7ced2c0e4317361a181336a8 /examples/rest_pastebin/src | |
| parent | e3daf439da42283cf65faa3311ff73bb7ffe413b (diff) | |
| download | cowboy-a9294e0f5079d8a7a424cdffc7d5f22ec94825c5.tar.gz cowboy-a9294e0f5079d8a7a424cdffc7d5f22ec94825c5.tar.bz2 cowboy-a9294e0f5079d8a7a424cdffc7d5f22ec94825c5.zip | |
Improve pastebin example
Reject more malicious paths.
Diffstat (limited to 'examples/rest_pastebin/src')
| -rw-r--r-- | examples/rest_pastebin/src/toppage_handler.erl | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/examples/rest_pastebin/src/toppage_handler.erl b/examples/rest_pastebin/src/toppage_handler.erl index 758e11d..5e904d9 100644 --- a/examples/rest_pastebin/src/toppage_handler.erl +++ b/examples/rest_pastebin/src/toppage_handler.erl @@ -89,6 +89,7 @@ file_exists(Name) -> valid_path(<<>>) -> true; valid_path(<<$., _T/binary>>) -> false; +valid_path(<<$/, _T/binary>>) -> false; valid_path(<<_Char, T/binary>>) -> valid_path(T). new_paste_id() -> |