Skip to content

Commit abd76ff

Browse files
0xJacky0xJacky
committed
enhance: clean filepath
1 parent 46a9ccb commit abd76ff

File tree

2 files changed

+8
-2
lines changed

2 files changed

+8
-2
lines changed

api/config/list.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@ func GetConfigs(c *gin.Context) {
1818
dir := c.DefaultQuery("dir", "/")
1919

2020
configFiles, err := os.ReadDir(nginx.GetConfPath(dir))
21-
2221
if err != nil {
2322
api.ErrHandler(c, err)
2423
return

internal/nginx/config_args.go

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package nginx
22

33
import (
4+
"github.com/0xJacky/Nginx-UI/internal/helper"
45
"github.com/0xJacky/Nginx-UI/internal/logger"
56
"github.com/0xJacky/Nginx-UI/settings"
67
"os/exec"
@@ -31,7 +32,13 @@ func GetConfPath(dir ...string) (confPath string) {
3132
confPath = settings.NginxSettings.ConfigDir
3233
}
3334

34-
return filepath.Join(confPath, filepath.Join(dir...))
35+
joined := filepath.Clean(filepath.Join(confPath, filepath.Join(dir...)))
36+
37+
if !helper.IsUnderDirectory(confPath, joined) {
38+
return confPath
39+
}
40+
41+
return
3542
}
3643

3744
func GetPIDPath() (path string) {

0 commit comments

Comments
 (0)