Skip to content

Commit

Permalink
Add sanitization on cert file name derived from username
Browse files Browse the repository at this point in the history
  • Loading branch information
dlc-ariel committed Jan 11, 2023
1 parent e3dd85f commit 1726894
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion FreeTAKServer/core/util/certificate_generation.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
import shutil
import pathlib
from FreeTAKServer.core.configuration.MainConfig import MainConfig
from werkzeug.utils import secure_filename

try:
import requests
Expand Down Expand Up @@ -259,7 +260,7 @@ def generate_wintak_zip(server_address: str = None, server_filename: str = "serv
</Contents>
</MissionPackageManifest>
""")
username = user_filename[:-4]
username = secure_filename(user_filename[:-4])
random_id = uuid.uuid4()
new_uid = uuid.uuid4()
folder = "5c2bfcae3d98c9f4d262172df99ebac5"
Expand Down

0 comments on commit 1726894

Please sign in to comment.