You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To prevent templates (and potentially static files) being loaded form outside the site directories, template paths are currently filtered for significant path manipulation strings such as '..'.
This filtering should be replaced by determining if the target files physically resides outside the site directory. This will catch any path manipulation strings currently not checked for. As well as preventing symbolic links from being exploited.
The text was updated successfully, but these errors were encountered:
To prevent templates (and potentially static files) being loaded form outside the site directories, template paths are currently filtered for significant path manipulation strings such as '..'.
This filtering should be replaced by determining if the target files physically resides outside the site directory. This will catch any path manipulation strings currently not checked for. As well as preventing symbolic links from being exploited.
The text was updated successfully, but these errors were encountered: