projects / BackupPC.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
* A failed full dump is now saved as a partial (incomplete) dump,
[BackupPC.git] / lib / BackupPC / CGI / Browse.pm
diff --git a/lib/BackupPC/CGI/Browse.pm b/lib/BackupPC/CGI/Browse.pm
index 3993b94..aeb006b 100644 (file)
--- a/lib/BackupPC/CGI/Browse.pm
+++ b/lib/BackupPC/CGI/Browse.pm
@@ -84,6 +84,9 @@ sub action
     $dir = "/$dir" if ( $dir !~ /^\// );
     my $relDir  = $dir;
     my $currDir = undef;
+    if ( $dir =~ m{(^|/)\.\.(/|$)} ) {
+        ErrorExit($Lang->{Nice_try__but_you_can_t_put});
+    }
 
     #
     # Loop up the directory tree until we hit the top.
BackupPC search extension