mirror_html/filegator
1
0
Fork 0
mirror of https://github.com/filegator/filegator.git synced 2025-08-18 07:11:27 +02:00
Code Issues Projects Releases Wiki Activity

v7.4.4 fixes #116

Browse Source
This commit is contained in:
Milos Stojanovic
2020-07-28 13:04:25 +02:00
parent 8a16c9e36c
commit 812a0a2ce0
5 changed files with 59 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
tests/backend/Unit/FilesystemTest.php
View File

@@ -401,6 +401,9 @@ class FilesystemTest extends TestCase
$this->assertEquals('/john/test', $this->invokeMethod($this->storage, 'applyPathPrefix', ['/test']));
$this->assertEquals('/john/test.txt', $this->invokeMethod($this->storage, 'applyPathPrefix', ['test.txt']));
$this->assertEquals('/john/test.txt/', $this->invokeMethod($this->storage, 'applyPathPrefix', ['test.txt/']));
// no escaping path to upper dir
$this->assertEquals('/john/', $this->invokeMethod($this->storage, 'applyPathPrefix', ['/..']));
$this->assertEquals('/john/', $this->invokeMethod($this->storage, 'applyPathPrefix', ['/sub/../../']));
}
public function testStripPathPrefix()
@@ -770,4 +773,49 @@ class FilesystemTest extends TestCase
$this->assertDirectoryExists(TEST_REPOSITORY.'/test2/test1/');
}
public function testCannotGoUpTheHomeDirUsingPathFiddle()
{
$this->storage->createFile('/', 'hidden.txt');
$this->storage->createDir('/', 'johnsub');
$this->storage->createFile('/johnsub', 'john.txt');
$this->storage->setPathPrefix('/johnsub');
$ret = $this->storage->getDirectoryCollection('/');
$ret->resetTimestamps(-1);
$this->assertJsonStringEqualsJsonString(json_encode([
'location' => '/',
'files' => [
0 => [
'type' => 'file',
'path' => '/john.txt',
'name' => 'john.txt',
'size' => 0,
'time' => -1,
],
],
]), json_encode($ret));
$ret = $this->storage->getDirectoryCollection('/..');
$ret->resetTimestamps(-1);
$this->assertJsonStringEqualsJsonString(json_encode([
'location' => '/..',
'files' => [
0 => [
'type' => 'back',
'path' => '/',
'name' => '..',
'size' => 0,
'time' => -1,
],
1 => [
'type' => 'file',
'path' => '/john.txt',
'name' => 'john.txt',
'size' => 0,
'time' => -1,
],
],
]), json_encode($ret));
}
}