github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-07 20:31:06 -05:00
Code Issues Projects Releases Packages Wiki Activity
overleaf/services/web/app/coffee
History
Simon Detheridge 56dcbefb5b Check for safe paths in all ProjectEntityHandler methods 
Some import mechanisms (for example, Github project import) call methods such as 'upsert*' directly, bypassing existing filename checks.

Added checks to all methods in ProjectEntityHandler that can create or rename a file.

bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 15:31:04 +01:00
..
Features Check for safe paths in all ProjectEntityHandler methods 2018-10-08 15:31:04 +01:00
infrastructure Merge pull request #992 from sharelatex/as-fix-mathjax 2018-10-04 15:01:05 +01:00
models remove unused confirmed field from user model 2018-10-03 16:01:30 +01:00
router.coffee Merge pull request #978 from sharelatex/hb-use-exports-for-pdf-from-publish-modal 2018-10-08 10:13:18 +01:00