diff options
author | James Tunnicliffe <james.tunnicliffe@linaro.org> | 2013-06-05 14:16:41 +0100 |
---|---|---|
committer | James Tunnicliffe <james.tunnicliffe@linaro.org> | 2013-06-05 14:16:41 +0100 |
commit | 746d36bc55b2d83b53907710dc2be7e7256ad577 (patch) | |
tree | be36e27faa0a40b3b8a4b66d8d259dd547bd1575 /license_protected_downloads/common.py | |
parent | 72fec9427621b380af0c56901dc810bbd6180fef (diff) |
Initial push support (needs API key, no tests yet)
Diffstat (limited to 'license_protected_downloads/common.py')
-rw-r--r-- | license_protected_downloads/common.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/license_protected_downloads/common.py b/license_protected_downloads/common.py new file mode 100644 index 0000000..0ad534a --- /dev/null +++ b/license_protected_downloads/common.py @@ -0,0 +1,18 @@ +import os + +def safe_path_join(base_path, *paths): + """os.path.join with with check that result is inside base_path. + + Checks that the generated path doesn't end up outside the target + directory, so server accesses stay where we expect them. + """ + + target_path = os.path.join(base_path, *paths) + + if not target_path.startswith(base_path): + return None + + if not os.path.normpath(target_path) == target_path.rstrip("/"): + return None + + return target_path |