blob: 3686d1880ce9f3b3f4533c81fd22e44bf4485c14 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
// Copyright Epic Games, Inc. All Rights Reserved.
#pragma once
#include <zenhttp/localrefpolicy.h>
#include <filesystem>
#include <string>
namespace zen {
/// Local ref policy that restricts file paths to a canonical data root directory.
/// Uses weakly_canonical + string prefix comparison to detect path traversal.
class DataRootLocalRefPolicy : public ILocalRefPolicy
{
public:
explicit DataRootLocalRefPolicy(const std::filesystem::path& DataRoot);
void ValidatePath(const std::filesystem::path& Path) const override;
private:
std::string m_CanonicalRoot;
};
} // namespace zen
|