ExternalVendorCode/lollms
1
0
Fork 0
mirror of https://github.com/ParisNeo/lollms.git synced 2024-12-18 20:27:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update security.py

Browse Source
This commit is contained in:
Saifeddine ALOUI 2024-12-16 10:41:48 +01:00 committed by GitHub
parent 3a277a282f
commit 1244a8677e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lollms/security.py
View File

@ -185,8 +185,9 @@ def sanitize_path(path: str, allow_absolute_path: bool = False, allow_current_fo
if path is None:
return path
# Normalize path to use forward slashes
path = path.replace('\\', '/')
if not allow_absolute_path:
# Normalize path to use forward slashes
path = path.replace('\\', '/')
path = path.strip()
if not allow_current_folder and path=="./":
@ -382,4 +383,4 @@ class MultipartBoundaryCheck(BaseHTTPMiddleware):
def is_valid_boundary(self, boundary):
# RFC 2046 states that the boundary should only contain these characters
valid_chars = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'()+_,-./:=?")
return all(char in valid_chars for char in boundary)
return all(char in valid_chars for char in boundary)