Log unsafe paths
This commit is contained in:
parent
91e49986ee
commit
2178ba58be
@ -484,7 +484,8 @@ class Collection(BaseCollection):
|
||||
filesystem_path = path_to_filesystem(folder, sane_path)
|
||||
except ValueError as e:
|
||||
# Path is unsafe
|
||||
cls.logger.info(e)
|
||||
cls.logger.debug("Collection with unsafe path %r requested: %s",
|
||||
sane_path, e, exc_info=True)
|
||||
return
|
||||
|
||||
# Check if the path exists and if it leads to a collection or an item
|
||||
|
@ -84,7 +84,9 @@ class Web(BaseWeb):
|
||||
try:
|
||||
filesystem_path = storage.path_to_filesystem(
|
||||
self.folder, path[len("/.web"):])
|
||||
except ValueError:
|
||||
except ValueError as e:
|
||||
self.logger.debug("Web content with unsafe path %r requested: %s",
|
||||
path, e, exc_info=True)
|
||||
return NOT_FOUND
|
||||
if os.path.isdir(filesystem_path) and not path.endswith("/"):
|
||||
location = posixpath.basename(path) + "/"
|
||||
|
Loading…
Reference in New Issue
Block a user