1
0
mirror of https://github.com/LibreTranslate/LibreTranslate.git synced 2024-11-17 21:10:12 +01:00
LibreTranslate/libretranslate/security.py

17 lines
431 B
Python
Raw Permalink Normal View History

2021-10-26 21:41:14 +02:00
import os
class SuspiciousFileOperationError(Exception):
2021-10-26 21:41:14 +02:00
pass
2021-10-26 21:41:14 +02:00
def path_traversal_check(unsafe_path, known_safe_path):
known_safe_path = os.path.abspath(known_safe_path)
unsafe_path = os.path.abspath(unsafe_path)
if (os.path.commonprefix([known_safe_path, unsafe_path]) != known_safe_path):
raise SuspiciousFileOperationError(f"{unsafe_path} is not safe")
2021-10-26 21:41:14 +02:00
# Passes the check
return unsafe_path