fixed LFI in reading pastes
This commit is contained in:
parent
7b31c1e512
commit
7468edff86
7
paste.py
7
paste.py
@ -10,6 +10,7 @@ pasteDir = Path("pastes")
|
||||
nameLength = 10
|
||||
useSpecialChars = False
|
||||
allowListing = False
|
||||
hostedURL = "http://localhost:5000/"
|
||||
|
||||
letters = string.ascii_letters
|
||||
if useSpecialChars:
|
||||
@ -64,12 +65,14 @@ def index():
|
||||
name = randomName()
|
||||
else:
|
||||
writePaste(name, data.decode())
|
||||
return "https://paste.benjamyn.love/" + name
|
||||
return hostedURL + name
|
||||
|
||||
|
||||
@app.route('/<path:path>')
|
||||
def getPaste(path):
|
||||
pasten = pasteDir / path
|
||||
tmpPath = Path(path)
|
||||
pasten = pasteDir / tmpPath.name
|
||||
print("Checking " + str(pasten))
|
||||
if pasten.is_file():
|
||||
with pasten.open() as f: data = f.read()
|
||||
return data
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user