improve validations for user provided file and directory paths

2025-12-07 06:40:54 +03:00 · 2020-03-03 09:09:58 +01:00
parent d0a81cabab
commit 7f1946de34
13 changed files with 72 additions and 10 deletions
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -288,3 +288,14 @@ func LoadTemplate(t *template.Template, err error) *template.Template {
 	}
 	return t
 }
+
+// IsFileInputValid returns true this is a valid file name.
+// This method must be used before joining a file name, generally provided as
+// user input, with a directory
+func IsFileInputValid(fileInput string) bool {
+	cleanInput := filepath.Clean(fileInput)
+	if cleanInput == "." || cleanInput == ".." {
+		return false
+	}
+	return true
+}