|
|
@ -173,9 +173,14 @@ WebApplication::~WebApplication() |
|
|
|
|
|
|
|
|
|
|
|
void WebApplication::sendWebUIFile() |
|
|
|
void WebApplication::sendWebUIFile() |
|
|
|
{ |
|
|
|
{ |
|
|
|
const QStringList pathItems {request().path.split(u'/', Qt::SkipEmptyParts)}; |
|
|
|
if (request().path.contains(u'\\')) |
|
|
|
if (pathItems.contains(u".") || pathItems.contains(u"..")) |
|
|
|
throw BadRequestHTTPError(); |
|
|
|
throw InternalServerErrorHTTPError(); |
|
|
|
|
|
|
|
|
|
|
|
if (const QList<QStringView> pathItems = QStringView(request().path).split(u'/', Qt::SkipEmptyParts) |
|
|
|
|
|
|
|
; pathItems.contains(u".") || pathItems.contains(u"..")) |
|
|
|
|
|
|
|
{ |
|
|
|
|
|
|
|
throw BadRequestHTTPError(); |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
const QString path = (request().path != u"/") |
|
|
|
const QString path = (request().path != u"/") |
|
|
|
? request().path |
|
|
|
? request().path |
|
|
|