Github user alopresto commented on the issue:
https://github.com/apache/nifi/pull/2908
"Safe" (whitelisted) but inaccurate context path:
<img width="1920" alt="screen shot 2018-07-18 at 5 13 17 pm"
src="https://user-images.githubusercontent.com/798465/42914275-563f38aa-8aae-11e8-9d23-33c5ce1b3dcb.png";>
Malicious context path:
<img width="1920" alt="screen shot 2018-07-18 at 5 13 37 pm"
src="https://user-images.githubusercontent.com/798465/42914274-5625db44-8aae-11e8-9cc1-9895cacf49eb.png";>---
![https://user-images.githubusercontent.com/798465/42914275-563f38aa-8aae-11e8-9d23-33c5ce1b3dcb.png"](https://user-images.githubusercontent.com/798465/42914275-563f38aa-8aae-11e8-9d23-33c5ce1b3dcb.png"){kind=link}
![https://user-images.githubusercontent.com/798465/42914274-5625db44-8aae-11e8-9cc1-9895cacf49eb.png"](https://user-images.githubusercontent.com/798465/42914274-5625db44-8aae-11e8-9cc1-9895cacf49eb.png"){kind=link}