security fix

Author: Admin user

.github/workflows/reusable-cd.yml

@@ -18,7 +18,7 @@ jobs:
         id-token: write
       environment:
         name: ${{ inputs.environment }}
-        url: "https://techexcel-${{ inputs.environment }}.azurewebsites.net/"
+        url: "https://ghwxvgb4jngfa-${{ inputs.environment }}.azurewebsites.net/"
       steps:
         - uses: azure/[email protected]
           with:

.gitignore

@@ -1,2 +1,4 @@
 
 .DS_Store
+ # Local configuration file for developers
+ src/Application/src/RazorPagesTestSample/config.json

src/Application/src/RazorPagesTestSample/Pages/Index.cshtml.cs

@@ -92,10 +92,24 @@ public async Task<IActionResult> OnPostAnalyzeMessagesAsync()
             return RedirectToPage();
         }
 
+     
+        
         public static void WriteToDirectory(ZipArchiveEntry entry, string destDirectory)
         {
+            // Get the full path of the destination file
             string destFileName = Path.Combine(destDirectory, entry.FullName);
-            entry.ExtractToFile(destFileName);
+        
+            // Ensure the destination directory exists
+            Directory.CreateDirectory(Path.GetDirectoryName(destFileName));
+        
+            // Check if the destination file path is within the intended directory
+            if (!destFileName.StartsWith(Path.GetFullPath(destDirectory), StringComparison.OrdinalIgnoreCase))
+            {
+                throw new InvalidOperationException("Attempt to extract file outside of the destination directory.");
+            }
+        
+            // Extract the file
+            entry.ExtractToFile(destFileName, overwrite: true);
         }
     }
 }