Currently the method Response::file() performs a very basic check against "Directory Traversal" attacks by doing this:

    if (strpos($path, '..') !== false) {
        throw new NotFoundException('The requested file contains `..` and will not be read.');
    }

This approach doesn't allow us to work with file names containing two consecutive dot symbols, e.g. `Some truncated name ... .pdf`

Proposed solution, remove filename from $path before checking:

    if (strpos(dirname($path), '..') !== false) {
        throw new NotFoundException('The requested file contains `..` and will not be read.');
    }
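As an added example (not code from the issue or from CakePHP), the two string checks discussed above side by side with a realpath-based containment check, which is the control a defender would rely on instead of matching `..` as text. `check_realpath` and the temp-directory fixture are assumptions made here for the demonstration; the sample file names are constructed.

```php
<?php
// Added example, not CakePHP code: the two string checks from the issue next to a
// realpath-based containment check. All sample paths and files are constructed.

// Original check: any ".." anywhere rejects the path, including a legitimate
// file name such as "Some truncated name ... .pdf".
function check_naive(string $path): bool
{
    return strpos($path, '..') === false;
}

// Proposed check from the issue: only the directory part is inspected, so
// ".." inside the file name itself is allowed.
function check_dirname(string $path): bool
{
    return strpos(dirname($path), '..') === false;
}

// Hypothetical helper (an assumption, not a CakePHP API): resolve the path and
// require the result to stay inside $base. Non-existent files also fail.
function check_realpath(string $base, string $path): bool
{
    $realBase = realpath($base);
    $realPath = realpath($base . DIRECTORY_SEPARATOR . $path);
    if ($realBase === false || $realPath === false) {
        return false;
    }
    return strpos($realPath, $realBase . DIRECTORY_SEPARATOR) === 0;
}

// Constructed fixture: a download root with one legitimately named file.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'dl_' . uniqid();
mkdir($base . '/reports', 0700, true);
touch($base . '/reports/Some truncated name ... .pdf');

$samples = [
    'reports/Some truncated name ... .pdf', // should be served
    '../outside.txt',                       // should be refused
];
foreach ($samples as $p) {
    printf("%-40s naive=%-5s dirname=%-5s realpath=%s\n", $p,
        var_export(check_naive($p), true),
        var_export(check_dirname($p), true),
        var_export(check_realpath($base, $p), true));
}
// The naive check refuses both paths; the dirname check and the realpath
// check refuse only the second.
```

The realpath check also rejects paths whose target does not exist, so it doubles as the "file not found" test before any content is read.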
@quickapps would you like to submit a PR for this?
Fix directory traversal security checking
92e3e09
fixes cakephp#7015
closed with #7021
markstory