On Tuesday, 6 December 2016 at 22:28:04 UTC, aberba wrote:
Love the article! Please keep writing tutorials like this :-D.
The upload function is (kind of) vulnerable against path
moveFile(file.tempPath, Path("./public/uploads") ~
If a file named "../SomeOtherFile.htm" is uploaded the server
will hit this assert:
Denail of Service attack!
When the application is compiled with the release flag the assert
will be omitted and the path traversal will work.
It would be more beginner friendly if you also described how to
add the upload function to the router.
Your github link on the left side is broken. Discovered this when
I was looking for a zip with the finished code.