[
https://issues.apache.org/jira/browse/SOLR-15826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17453242#comment-17453242
]
ASF subversion and git services commented on SOLR-15826:
--------------------------------------------------------
Commit c1f916d532e9580f22c09b6ad746d4ea9bcc47a6 in solr's branch
refs/heads/main from Jan Høydahl
[ https://gitbox.apache.org/repos/asf?p=solr.git;h=c1f916d ]
SOLR-15826: ResourceLoader should better respect allowed paths (#439)
> ResourceLoader should better respect allowed paths
> --------------------------------------------------
>
> Key: SOLR-15826
> URL: https://issues.apache.org/jira/browse/SOLR-15826
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Jan Høydahl
> Assignee: Jan Høydahl
> Priority: Major
> Time Spent: 40m
> Remaining Estimate: 0h
>
> ResourceLoader only returns files relative to instanceDir or resources from
> Classpath, but the check for whether the requested resource is relative to
> instanceDir or not happens after an attempt to check if the file exists. This
> can cause weird bugs, so we should move the check earlier.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
