Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[fix] Enhance name pre checker in resource center #10094

Merged
merged 4 commits into from
May 18, 2022

Conversation

zhongjiajie
Copy link
Member

Add file name and directory checker to avoid directory traversal

Add file name and directory checker to avoid directory traversal
@caishunfeng caishunfeng added this to the 3.0.0-beta-1 milestone May 18, 2022
@zhongjiajie zhongjiajie self-assigned this May 18, 2022
@zhongjiajie zhongjiajie added bug Something isn't working backend labels May 18, 2022
@sonarcloud
Copy link

sonarcloud bot commented May 18, 2022

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 2 Code Smells

31.8% 31.8% Coverage
28.6% 28.6% Duplication

@zhongjiajie zhongjiajie marked this pull request as ready for review May 18, 2022 10:29
Copy link
Contributor

@caishunfeng caishunfeng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@caishunfeng caishunfeng merged commit 63f8357 into apache:dev May 18, 2022
zhongjiajie added a commit that referenced this pull request May 23, 2022
* [fix] Enhance name pre checker in resource center

Add file name and directory checker to avoid directory traversal

* add some missing change and change docs

* change var name in directoryTraversal

* Fix ci

(cherry picked from commit 63f8357)
Tianqi-Dotes pushed a commit to Tianqi-Dotes/dolphinscheduler that referenced this pull request Jun 16, 2022
* [fix] Enhance name pre checker in resource center

Add file name and directory checker to avoid directory traversal

* add some missing change and change docs

* change var name in directoryTraversal

* Fix ci
zhongjiajie added a commit to zhongjiajie/dolphinscheduler that referenced this pull request Jul 4, 2022
* [fix] Enhance name pre checker in resource center

Add file name and directory checker to avoid directory traversal

* add some missing change and change docs

* change var name in directoryTraversal

* Fix ci

(cherry picked from commit 63f8357)
brave-lee pushed a commit that referenced this pull request Jul 4, 2022
* [fix] Enhance name pre checker in resource center (#10094)

* [fix] Enhance name pre checker in resource center

Add file name and directory checker to avoid directory traversal

* add some missing change and change docs

* change var name in directoryTraversal

* Fix ci

(cherry picked from commit 63f8357)

* Add new constants
@zhongjiajie zhongjiajie deleted the dev branch November 28, 2023 06:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backend bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants