diff options
author | Serge Bazanski | 2021-12-27 21:28:23 +0100 |
---|---|---|
committer | stuebinm | 2021-12-27 21:36:23 +0100 |
commit | 0152c43a2aa8012e40c8cfdce085bce6c7dac1b3 (patch) | |
tree | b165159f1d94a2031015a35b0a34611b24897d3c /lib/CheckMap.hs | |
parent | 89a4aa1e911e6e67cbbea09c4c72bb95701c02ed (diff) |
SECURITY: Fix path traversal in script verification
The following used to be allowed:
scripts: https://static.rc3.world/scripts/../maps/81c8add623eea2704f20/e65b545e-342f-4be0-b369-c0eacff7b15d/re-blessed.mp3.js
This is obviously not good, as it allows scripts from arbitrary maps.
Diffstat (limited to 'lib/CheckMap.hs')
0 files changed, 0 insertions, 0 deletions