Etusivu Tutki
Rekisteröidy Kirjaudu sisään
Endevir
/
git-server
1
0
Fork 0
Tiedostot Ongelmat 0 Pull-pyynnöt 0 Wiki
Branch: master
Branchit Tagit
git-server
/
internal
/
tool
/
path.go

path.go 737 B
Pysyvä linkki Historia Raaka

1234567891011121314151617181920212223 
  1. // Copyright 2018 The Gogs Authors. All rights reserved.
    2. 

  2. // Use of this source code is governed by a MIT-style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package tool
    6. 

  6. 

  7. import (
    8. 

  8. 	"path/filepath"
    9. 

  9. 	"strings"
    10. 

  10. )
    11. 

  11. 

  12. // IsSameSiteURLPath returns true if the URL path belongs to the same site, false otherwise.
    13. 

  13. // False: //url, http://url, /\url
    14. 

  14. // True: /url
    15. 

  15. func IsSameSiteURLPath(url string) bool {
    16. 

  16. 	return len(url) >= 2 && url[0] == '/' && url[1] != '/' && url[1] != '\\'
    17. 

  17. }
    18. 

  18. 

  19. // IsMaliciousPath returns true if given path is an absolute path or contains malicious content
    20. 

  20. // which has potential to traverse upper level directories.
    21. 

  21. func IsMaliciousPath(path string) bool {
    22. 

  22. 	return filepath.IsAbs(path) || strings.Contains(path, "..")
    23. 

  23. }
    24.