Merge pull request #100 from datasektionen/revert-99-fix/maybe-remove…

…-arbitrary-file-inclusion Revert "Fix arbitrary file incusion"
datasektionen · Nov 8, 2022 · 781bbe3 · 781bbe3
2 parents c625079 + 1361b61
commit 781bbe3
Showing 1 changed file with 4 additions and 14 deletions.
diff --git a/server/fileupload.js b/server/fileupload.js
@@ -1,19 +1,13 @@
 var fs = Npm.require('fs')
-var path = Npm.require('path')
-
-var basedir = "../../../../../uploaded/"
 
 Router.map(function() {
 	this.route('files', {
 		path: '/uploaded/:path',
 		where: 'server',
 		action: function() {
-			var p = path.join(basedir, this.params.path)
-            if (!p.startsWith(basedir)) {
-                this.response.writeHead(400)
-                return this.response.end()
-            }
-			var file = fs.readFileSync(p)
+			var path = this.params.path
+			var basedir = "../../../../../uploaded/"
+			var file = fs.readFileSync(basedir + path)
 			this.response.writeHead(200)
 			return this.response.end(file)
 		}
@@ -23,11 +17,7 @@ Router.map(function() {
 
 Meteor.methods({
 	"file-upload": function(info, data) {
-		var p = path.join(basedir, info.name)
-        if (!p.startsWith(basedir)) {
-            this.response.writeHead(400)
-            return this.response.end()
-        }
+		var path = "../../../../../uploaded/" + info.name
 		if(info.type.split("/")[0] == "image") {
 			fs.writeFileSync(path, new Buffer(data, 'binary'))
 		} else {