fnp
/
redakcja.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
fileupload: handle dot components in MEDIA_ROOT path correctly
[redakcja.git]
/
apps
/
fileupload
/
views.py
diff --git
a/apps/fileupload/views.py
b/apps/fileupload/views.py
index
8863465
..
ab719a1
100644
(file)
--- a/
apps/fileupload/views.py
+++ b/
apps/fileupload/views.py
@@
-78,7
+78,7
@@
class UploadView(FormView):
settings.MEDIA_ROOT,
self.get_directory(),
filename))
settings.MEDIA_ROOT,
self.get_directory(),
filename))
- if not path.startswith(
settings.MEDIA_ROOT
):
+ if not path.startswith(
os.path.abspath(settings.MEDIA_ROOT)
):
raise Http404
if filename:
if not path.startswith(self.get_safe_path()):
raise Http404
if filename:
if not path.startswith(self.get_safe_path()):
@@
-99,7
+99,7
@@
class UploadView(FormView):
files = []
path = self.get_safe_path()
if os.path.isdir(path):
files = []
path = self.get_safe_path()
if os.path.isdir(path):
- for f in
os.listdir(path
):
+ for f in
sorted(os.listdir(path)
):
file_info = {
"name": f,
}
file_info = {
"name": f,
}
fnp / redakcja.git / blobdiff