Compare commits

...

2 Commits

Author SHA1 Message Date
Derek 1bb3e59a46
Update readme for bower deps 2018-09-08 17:30:50 -07:00
Derek f2f215acda
Use abspath over realpath
Symbolic links are handy dang it
2018-09-08 17:30:18 -07:00
2 changed files with 7 additions and 4 deletions

View File

@ -10,11 +10,14 @@ It's easy peasy my dude
```bash ```bash
apt install pip3 apt install pip3
pip3 install pipenv pip3 install pipenv
apt install npm
npm install bower
``` ```
2. Get dependencies 2. Get dependencies
```bash ```bash
pipenv Install pipenv install
bower install
``` ```
3. Initialize 3. Initialize

View File

@ -33,11 +33,11 @@ def load_user(id):
limiter = Limiter(app, key_func=flask_limiter.util.get_ipaddr, headers_enabled=True) limiter = Limiter(app, key_func=flask_limiter.util.get_ipaddr, headers_enabled=True)
def is_secure_path(path, servepath=None): def is_secure_path(path, servepath=None):
realpath = os.path.realpath(path) + os.path.sep realpath = os.path.abspath(path) + os.path.sep
if servepath is None: if servepath is None:
servepath = os.path.realpath(app.config['SERVE_DIR']) servepath = os.path.abspath(app.config['SERVE_DIR'])
else: else:
servepath = os.path.realpath(servepath) servepath = os.path.abspath(servepath)
return realpath.startswith(servepath) return realpath.startswith(servepath)