mirror of
https://github.com/overleaf/overleaf.git
synced 2025-01-06 06:21:30 +00:00
17 lines
663 B
CoffeeScript
17 lines
663 B
CoffeeScript
Path = require("path")
|
|
fs = require("fs")
|
|
Settings = require("settings-sharelatex")
|
|
logger = require("logger-sharelatex")
|
|
|
|
|
|
module.exports = (req, res, next)->
|
|
basePath = Path.resolve("#{Settings.path.compilesDir}/#{req.params.project_id}")
|
|
requestedFsPath = Path.normalize("#{basePath}/#{req.params[0]}")
|
|
fs.realpath requestedFsPath, (err, realFsPath)->
|
|
if err?
|
|
return res.send(500)
|
|
else if requestedFsPath != realFsPath
|
|
logger.warn requestedFsPath:requestedFsPath, realFsPath:realFsPath, path: req.params[0], project_id: req.params.project_id, "trying to access a different file (symlink), aborting"
|
|
return res.send(404)
|
|
else
|
|
return next()
|