diff options
Diffstat (limited to 'src/examples/fileserver_example.c')
| -rw-r--r-- | src/examples/fileserver_example.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/examples/fileserver_example.c b/src/examples/fileserver_example.c index 767810f9..94c2ca95 100644 --- a/src/examples/fileserver_example.c +++ b/src/examples/fileserver_example.c | |||
| @@ -69,13 +69,13 @@ ahc_echo (void *cls, | |||
| 69 | *ptr = &aptr; | 69 | *ptr = &aptr; |
| 70 | return MHD_YES; | 70 | return MHD_YES; |
| 71 | } | 71 | } |
| 72 | *ptr = NULL; /* reset when done */ | 72 | *ptr = NULL; /* reset when done */ |
| 73 | /* WARNING: direct usage of url as filename is for example only! | 73 | /* WARNING: direct usage of url as filename is for example only! |
| 74 | * NEVER pass received data directly as parameter to file manipulation | 74 | * NEVER pass received data directly as parameter to file manipulation |
| 75 | * functions. Always check validity of data before using. | 75 | * functions. Always check validity of data before using. |
| 76 | */ | 76 | */ |
| 77 | if (NULL != strstr (url, "../")) /* Very simplified check! */ | 77 | if (NULL != strstr (url, "../")) /* Very simplified check! */ |
| 78 | fd = -1; /* Do not allow usage of parent directories. */ | 78 | fd = -1; /* Do not allow usage of parent directories. */ |
| 79 | else | 79 | else |
| 80 | fd = open (url + 1, O_RDONLY); | 80 | fd = open (url + 1, O_RDONLY); |
| 81 | if (-1 != fd) | 81 | if (-1 != fd) |