sneak/upaas
1
0
Fork 0
Code Issues 14 Pull Requests 2 Actions Packages Projects Releases Wiki Activity

fix: resolve 1.0 audit bugs (closes #104, #105, #106, #107, #108) #109

Merged
sneak merged 6 commits from fix/1.0-audit-bugs into main 2026-02-20 13:47:12 +01:00
Conversation 1 Commits 6 Files Changed 7 +8
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit efd3500dac - Show all commits

8
internal/handlers/app.go
View File

@ -1022,6 +1022,14 @@ func (h *Handlers) HandleVolumeAdd() http.HandlerFunc {
return return
} }
pathErr := validateVolumePaths(hostPath, containerPath)
if pathErr != nil {
h.log.Error("invalid volume path", "error", pathErr)
http.Redirect(writer, request, "/apps/"+application.ID, http.StatusSeeOther)
return
}
volume := models.NewVolume(h.db) volume := models.NewVolume(h.db)
volume.AppID = application.ID volume.AppID = application.ID
volume.HostPath = hostPath volume.HostPath = hostPath