API: Improve request parameter sanitation #1814

Michael Mayer
2021-12-14 18:34:52 +01:00
parent 9a8144c046
commit 4e94919030
34 changed files with 338 additions and 115 deletions


@@ -4,6 +4,8 @@ import (
"net/http"
"path/filepath"
"github.com/photoprism/photoprism/pkg/sanitize"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/internal/acl"
"github.com/photoprism/photoprism/internal/event"
@@ -35,8 +37,8 @@ func DeleteFile(router *gin.RouterGroup) {
return
}
photoUID := c.Param("uid")
fileUID := c.Param("file_uid")
photoUID := sanitize.IdString(c.Param("uid"))
fileUID := sanitize.IdString(c.Param("file_uid"))
file, err := query.FileByUID(fileUID)
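Review bot: The sanitized `photoUID` and `fileUID` are used without checking whether sanitizing changed them, and `fileUID` goes straight into `query.FileByUID` inside a delete handler. The implementation of `sanitize.IdString` is not visible here, but if it strips or truncates characters, a malformed `file_uid` could be rewritten into a different or empty identifier instead of being refused. For a destructive endpoint, rejecting is safer than normalizing, for example `if fileUID == "" || fileUID != c.Param("file_uid") { c.AbortWithStatus(http.StatusBadRequest); return }`, or the project's own abort helper if it has one, with the same check for `photoUID`. The body of `DeleteFile` continues outside this hunk, so a later guard or the `err` check may already cover the empty case; if so, a short comment at these two assignments should say that.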