-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[enhancement] protect against path traversal attack #19
Comments
@TheAlgorythm I'm unfamiliar with path traversal attacks. It looks like your crate supports Otherwise, could you share a little more information regarding what the traversal attacks are and how protection could be incorporated into this crate? I'm also open to PRs, of course 😄 |
Mostly from OWASP but a bit more general. Something like this where the pushed strings are user input: let mut path = PathBuf::new("/tmp/my-app");
path.push("/etc/shadow"); // or
path.push("../other-app/secret"); Yes, my crate is for |
#23 is implementing this functionality, so going to close this out. |
It would be great if this crate would support a protection against path traversal attacks.
Ideally it would be by a generic wrapper type like I did with my crate path_ratchet.
The text was updated successfully, but these errors were encountered: