From 58a654a70fd5c08051f98ebc2bfd01d377e88903 Mon Sep 17 00:00:00 2001
From: Vladimir Golovnev <glassez@yandex.ru>
Date: Mon, 27 Feb 2023 16:50:50 +0300
Subject: [PATCH] Reject requests that contain backslash in path

PR #18626.
Closes #18618.
---
 src/webui/webapplication.cpp | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/webui/webapplication.cpp b/src/webui/webapplication.cpp
index e96a469bb..ba24b9049 100644
--- a/src/webui/webapplication.cpp
+++ b/src/webui/webapplication.cpp
@@ -173,9 +173,14 @@ WebApplication::~WebApplication()
 
 void WebApplication::sendWebUIFile()
 {
-    const QStringList pathItems {request().path.split(u'/', Qt::SkipEmptyParts)};
-    if (pathItems.contains(u".") || pathItems.contains(u".."))
-        throw InternalServerErrorHTTPError();
+    if (request().path.contains(u'\\'))
+        throw BadRequestHTTPError();
+
+    if (const QList<QStringView> pathItems = QStringView(request().path).split(u'/', Qt::SkipEmptyParts)
+            ; pathItems.contains(u".") || pathItems.contains(u".."))
+    {
+        throw BadRequestHTTPError();
+    }
 
     const QString path = (request().path != u"/")
         ? request().path