MCPcopy Index your code
hub / github.com/codeaashu/claude-code / isPathSafe

Function isPathSafe

src/utils/dxt/zip.ts:44–58  ·  view source on GitHub ↗
(filePath: string)

Source from the content-addressed store, hash-verified

42 * Validates a file path to prevent path traversal attacks
43 */
44export function isPathSafe(filePath: string): boolean {
45 if (containsPathTraversal(filePath)) {
46 return false
47 }
48
49 // Normalize the path to resolve any '.' segments
50 const normalized = normalize(filePath)
51
52 // Check for absolute paths (we only want relative paths in archives)
53 if (isAbsolute(normalized)) {
54 return false
55 }
56
57 return true
58}
59
60/**
61 * Validates a single file during zip extraction

Callers 1

validateZipFileFunction · 0.85

Calls 2

containsPathTraversalFunction · 0.85
normalizeFunction · 0.50

Tested by

no test coverage detected