Hi Maxim, you've commited a fix in r=4167. You removed my fix actually and added another check. I don't understand the logic behidn it, could you explain it?
How do you prevent that anybody is using ../ so that he might access files that he should NOT? Your fix would actually create that folder inside it? But we don't wan't that any folder is created in our webapp dir by just randomizing the params parentPath or fileName? Sebastian -- Sebastian Wagner http://www.webbase-design.de http://openmeetings.googlecode.com http://www.wagner-sebastian.com [email protected] -- You received this message because you are subscribed to the Google Groups "OpenMeetings developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/openmeetings-dev?hl=en.
