From 7468edff861396498330c7467e1f185f0ef7ab77 Mon Sep 17 00:00:00 2001
From: benjamyn <benjamyn.love@gmail.com>
Date: Sat, 8 Dec 2018 00:36:48 +1100
Subject: [PATCH] fixed LFI in reading pastes

---
 paste.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/paste.py b/paste.py
index 4c31964..752104b 100644
--- a/paste.py
+++ b/paste.py
@@ -10,6 +10,7 @@ pasteDir = Path("pastes")
 nameLength = 10
 useSpecialChars = False
 allowListing = False
+hostedURL = "http://localhost:5000/"
 
 letters = string.ascii_letters 
 if useSpecialChars:
@@ -64,12 +65,14 @@ def index():
 			name = randomName()
 		else:
 			writePaste(name, data.decode())
-			return "https://paste.benjamyn.love/" + name
+			return hostedURL + name
 
 
 @app.route('/<path:path>')
 def getPaste(path):
-	pasten = pasteDir / path
+	tmpPath = Path(path)
+	pasten = pasteDir / tmpPath.name
+	print("Checking " + str(pasten))
 	if pasten.is_file():
 		with pasten.open() as f: data = f.read()
 		return data