farcasclaudiu/Flowise
1
0
Fork 0
mirror of https://github.com/farcasclaudiu/Flowise.git synced 2026-06-29 07:01:04 +03:00
Code Issues Packages Projects Releases Wiki Activity

Bugfix/add path traversal check to chatId (#5208)

Browse Source 
* add path traversal check to chatId

* update axios
This commit is contained in:
Henry Heng
2025-09-13 23:47:22 +01:00
committed by GitHub
parent b2dcdab5b9
commit c00ae78488
6 changed files with 50 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/components/src/storageUtils.ts
+2 -2
View File
@@ -753,8 +753,8 @@ export const streamStorageFile = async (
}
// Check for path traversal attempts
if (isPathTraversal(chatflowId)) {
throw new Error('Invalid path characters detected in chatflowId')
if (isPathTraversal(chatflowId) || isPathTraversal(chatId)) {
throw new Error('Invalid path characters detected in chatflowId or chatId')
}
const storageType = getStorageType()