Commit 6577b63
committed
fix(entity-io): reject unsafe entity type values before joining paths
Validate entity_type against a safe pattern to prevent path traversal
(e.g. ../outside or /tmp/escape) when constructing the subdirectory.
Addresses CodeRabbit review finding: Reject unsafe type values before joining paths1 parent 7f53363 commit 6577b63
1 file changed
Lines changed: 2 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
252 | 252 | | |
253 | 253 | | |
254 | 254 | | |
| 255 | + | |
| 256 | + | |
255 | 257 | | |
256 | 258 | | |
257 | 259 | | |
| |||
0 commit comments