Skip to content

Commit

Permalink
clean getNameFromHeader func.
Browse files Browse the repository at this point in the history
  • Loading branch information
@melbahja
melbahja committed Sep 8, 2020
1 parent 72a11e5 commit 87cdd7a
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions filename.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,12 @@ func GetFilename(URL string) string {

func getNameFromHeader(val string) string {

if val == "" || strings.Contains(val, "..") || strings.Contains(val, "/") || strings.Contains(val, "\\") {
_, params, err := mime.ParseMediaType(val)

// Prevent path traversal
if err != nil || strings.Contains(params["filename"], "..") || strings.Contains(params["filename"], "/") || strings.Contains(params["filename"], "\\") {
return ""
}

_, params, _ := mime.ParseMediaType(val)

return params["filename"]
}

0 comments on commit 87cdd7a

Please sign in to comment.