diff options
Diffstat (limited to 'server/helpers/custom-validators/misc.ts')
-rw-r--r-- | server/helpers/custom-validators/misc.ts | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/server/helpers/custom-validators/misc.ts b/server/helpers/custom-validators/misc.ts index 3a3deab0c..f72513c1c 100644 --- a/server/helpers/custom-validators/misc.ts +++ b/server/helpers/custom-validators/misc.ts | |||
@@ -1,10 +1,18 @@ | |||
1 | import 'multer' | 1 | import 'multer' |
2 | import * as validator from 'validator' | 2 | import * as validator from 'validator' |
3 | import { sep } from 'path' | ||
3 | 4 | ||
4 | function exists (value: any) { | 5 | function exists (value: any) { |
5 | return value !== undefined && value !== null | 6 | return value !== undefined && value !== null |
6 | } | 7 | } |
7 | 8 | ||
9 | function isSafePath (p: string) { | ||
10 | return exists(p) && | ||
11 | (p + '').split(sep).every(part => { | ||
12 | return [ '', '.', '..' ].includes(part) === false | ||
13 | }) | ||
14 | } | ||
15 | |||
8 | function isArray (value: any) { | 16 | function isArray (value: any) { |
9 | return Array.isArray(value) | 17 | return Array.isArray(value) |
10 | } | 18 | } |
@@ -97,6 +105,7 @@ export { | |||
97 | isNotEmptyIntArray, | 105 | isNotEmptyIntArray, |
98 | isArray, | 106 | isArray, |
99 | isIdValid, | 107 | isIdValid, |
108 | isSafePath, | ||
100 | isUUIDValid, | 109 | isUUIDValid, |
101 | isIdOrUUIDValid, | 110 | isIdOrUUIDValid, |
102 | isDateValid, | 111 | isDateValid, |