aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files/js/files.js
diff options
context:
space:
mode:
authorLukas Reschke <lukas@statuscode.ch>2014-02-19 15:38:00 +0100
committerLukas Reschke <lukas@statuscode.ch>2014-02-19 15:38:00 +0100
commit2d5b3899a68adb496d6e20e93352395ba7b5dd2e (patch)
tree0ce35223cdbd079b8197fb9d50fd1f6fe81261af /apps/files/js/files.js
parent952584e9c782d196eb2bcd6df1e3ecdf21adcb55 (diff)
downloadnextcloud-server-2d5b3899a68adb496d6e20e93352395ba7b5dd2e.tar.gz
nextcloud-server-2d5b3899a68adb496d6e20e93352395ba7b5dd2e.zip
Hardening: Remove dangerous characters + Subdirectory Check
If an user is able to create folders in /core/l10n/ he is able to execute arbitrary code. Therefore I've added an `issubdirectory` check and removed all potential dangerous characters from `$lang`.
Diffstat (limited to 'apps/files/js/files.js')
0 files changed, 0 insertions, 0 deletions