(filePath: string)
| 42 | * Validates a file path to prevent path traversal attacks |
| 43 | */ |
| 44 | export function isPathSafe(filePath: string): boolean { |
| 45 | if (containsPathTraversal(filePath)) { |
| 46 | return false |
| 47 | } |
| 48 | |
| 49 | // Normalize the path to resolve any '.' segments |
| 50 | const normalized = normalize(filePath) |
| 51 | |
| 52 | // Check for absolute paths (we only want relative paths in archives) |
| 53 | if (isAbsolute(normalized)) { |
| 54 | return false |
| 55 | } |
| 56 | |
| 57 | return true |
| 58 | } |
| 59 | |
| 60 | /** |
| 61 | * Validates a single file during zip extraction |
no test coverage detected