mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-03 21:27:38 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

mod_http_file_share: Validate that filename does not contain '/'

Browse source
This commit is contained in:
Kim Alvefur 2021-01-26 14:52:37 +01:00
parent 62f77b9ac9
commit ea3b09dea8
2 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
spec/scansion/http_upload.scs
View file

@ -21,6 +21,19 @@ Romeo receives:
</slot>
</iq>
Romeo sends:
<iq to='upload.localhost' type='get' id='ac56d83f-a627-4732-8399-60492d1210b6' xml:lang='en'>
<request content-type='text/plain' filename='invalid/filename.dat' xmlns='urn:xmpp:http:upload:0' size='1000'/>
</iq>
Romeo receives:
<iq id='ac56d83f-a627-4732-8399-60492d1210b6' from='upload.localhost' type='error'>
<error type='modify'>
<bad-request xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>Invalid filename</text>
</error>
</iq>
Romeo disconnects
# recording ended on 2021-01-27T22:10:46Z