Skip to content

Commit

Permalink
fix: check img path
Browse files Browse the repository at this point in the history
  • Loading branch information
@xuewenG
xuewenG committed Dec 16, 2024
1 parent 3d16997 commit e95bf52
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion backend/handler/memo.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ func (m MemoHandler) RemoveImage(c echo.Context) error {
return FailResp(c, ParamError)
}

if !strings.HasPrefix(req.Img, "/upload/") {
if !strings.HasPrefix(req.Img, "/upload/") || strings.Contains(req.Img, "..") {
return SuccessResp(c, h{})
}

Expand Down

0 comments on commit e95bf52

Please sign in to comment.