class ViewComponentsSystemTestController

def validate_file_path

the expected directory (e.g. via a path traversal or symlink attack)
Ensure that the file path is valid and doesn't target files outside

def validate_file_path
  base_path = ::File.realpath(self.class.temp_dir)
  @path = ::File.realpath(params.permit(:file)[:file], base_path)
  unless @path.start_with?(base_path)
    raise ViewComponent::SystemTestControllerNefariousPathError
  end
end

Class Methods

:: temp_dir

Instance Methods