fix path traversal for /view

2023-03-14 09:27:17 +01:00 · 2023-03-14 09:27:17 +01:00 · b1294fa49f
parent 5b425aaa40
commit b1294fa49f
1 changed files with 5 additions and 1 deletions
--- a/server.py
+++ b/server.py
@ -118,11 +118,15 @@ class PromptServer():
                output_dir = os.path.join(os.path.dirname(os.path.realpath(__file__)), type)
                if "subfolder" in request.rel_url.query:
-                    output_dir = os.path.join(output_dir, request.rel_url.query["subfolder"])
+                    full_output_dir = os.path.join(output_dir, request.rel_url.query["subfolder"])
                    if os.path.commonpath((os.path.realpath(full_output_dir), output_dir)) != output_dir:
                        return web.Response(status=403)
                    output_dir = full_output_dir
                file = request.rel_url.query["file"]
                file = os.path.basename(file)
                file = os.path.join(output_dir, file)
                if os.path.isfile(file):
                    return web.FileResponse(file)