sanitize filepaths provided by checkUrl
This commit is contained in:
Joey Hess
parent
b0ca0985ce
commit
67c05daf5e
5 changed files with 41 additions and 10 deletions
|
|
@ -5,14 +5,42 @@
|
|||
- Licensed under the GNU GPL version 3 or higher.
|
||||
-}
|
||||
|
||||
module Types.UrlContents where
|
||||
module Types.UrlContents (
|
||||
UrlContents(..),
|
||||
SafeFilePath,
|
||||
mkSafeFilePath,
|
||||
fromSafeFilePath
|
||||
) where
|
||||
|
||||
import Utility.Url
|
||||
import Utility.Path
|
||||
|
||||
import System.FilePath
|
||||
|
||||
data UrlContents
|
||||
-- An URL contains a file, whose size may be known.
|
||||
-- There might be a nicer filename to use.
|
||||
= UrlContents (Maybe Integer) (Maybe FilePath)
|
||||
= UrlContents (Maybe Integer) (Maybe SafeFilePath)
|
||||
-- Sometimes an URL points to multiple files, each accessible
|
||||
-- by their own URL.
|
||||
| UrlMulti [(URLString, Maybe Integer, FilePath)]
|
||||
| UrlMulti [(URLString, Maybe Integer, SafeFilePath)]
|
||||
|
||||
-- This is a FilePath, from an untrusted source,
|
||||
-- sanitized so it doesn't contain any directory traversal tricks
|
||||
-- and is always relative. It can still contain subdirectories.
|
||||
-- Any unusual characters are also filtered out.
|
||||
newtype SafeFilePath = SafeFilePath FilePath
|
||||
deriving (Show)
|
||||
|
||||
mkSafeFilePath :: FilePath -> SafeFilePath
|
||||
mkSafeFilePath p = SafeFilePath $ if null p' then "file" else p'
|
||||
where
|
||||
p' = joinPath $ filter safe $ map sanitizeFilePath $ splitDirectories p
|
||||
safe s
|
||||
| isDrive s = False
|
||||
| s == ".." = False
|
||||
| null s = False
|
||||
| otherwise = True
|
||||
|
||||
fromSafeFilePath :: SafeFilePath -> FilePath
|
||||
fromSafeFilePath (SafeFilePath p) = p
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue