Mercurial > gemma
diff pkg/controllers/routes.go @ 5377:d19fdf3d2099 extented-report
Add a string type that allows only runes that are safe of directory traversal.
| author | Sascha L. Teichmann <sascha.teichmann@intevation.de> |
|---|---|
| date | Thu, 24 Jun 2021 22:13:48 +0200 |
| parents | 755ed195fdc3 |
| children | fc3a5345b0fd |
line wrap: on
line diff
--- a/pkg/controllers/routes.go Thu Jun 24 19:24:21 2021 +0200 +++ b/pkg/controllers/routes.go Thu Jun 24 22:13:48 2021 +0200 @@ -341,7 +341,7 @@ NoConn: true, })).Methods(http.MethodGet) - api.Handle("/data/report/{name:[a-zA-Z0-9_-]+}", waterwayAdmin( + api.Handle("/data/report/{name:"+models.SafePathExp+"}", waterwayAdmin( mw.DBConn(http.HandlerFunc(report)))).Methods(http.MethodGet) // Handler to serve data to the client.