fix security issue, don't allow to go back in the path
This commit is contained in:
parent
a7292e897a
commit
9ab887fed5
|
@ -5,7 +5,7 @@ OCP\JSON::checkLoggedIn();
|
|||
OCP\JSON::callCheck();
|
||||
|
||||
$view = \OCP\Files::getStorage("files_external");
|
||||
$cert = $_POST['cert'];
|
||||
$cert = ltrim($_POST['cert'], "/.");
|
||||
$file = \OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/'.$cert;
|
||||
unlink($file);
|
||||
OC_Mount_Config::createCertificateBundle();
|
||||
|
|
Loading…
Reference in New Issue