WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #48316, comment 26


Ignore:
Timestamp:
11/25/2019 12:44:38 AM (6 months ago)
Author:
DreadLox
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #48316, comment 26

    initial v1  
    1 I think we should use realpath() to build the upload dir **base** path and then url which have to exists. It would be simplier and faster and would resolve any back ref (../). Then we forbid any ../ in final paths (to directories or files)
     1I think we should use realpath() to build the upload dir **base** path and then url which have to exist. It would be simplier and faster and would resolve any back ref (../). Then we forbid any ../ in final paths (to directories or files)