fixed path traversal issue

cs-raj · cs-raj · commit fd3316eddcbf · 2025-01-17T10:26:34.000+05:30
diff --git a/src/lib/helper.ts b/src/lib/helper.ts
@@ -1 +1,5 @@
-export const sanitizePath = (str: string) => str?.replace(/^(\.\.(\/|\\|$))+/, '');
+export const sanitizePath = (str: string) =>
+  str
+    ?.replace(/^([\/\\])+/, "./") // Normalize leading slashes/backslashes to './'
+    .replace(/[\/\\]+/g, "/") // Replace multiple slashes/backslashes with a single '/'
+    .replace(/(\.\.(\/|\\|$))+/g, ""); // Remove directory traversal (../ or ..\)
