Author: jezdez
Date: 2011-01-01 19:31:55 -0600 (Sat, 01 Jan 2011)
New Revision: 15127
Modified:
django/trunk/django/contrib/staticfiles/finders.py
Log:
Safely join paths in staticfiles finder.
Modified: django/trunk/django/contrib/staticfiles/finders.py
===================================================================
--- django/trunk/django/contrib/staticfiles/finders.py 2011-01-01 00:37:38 UTC
(rev 15126)
+++ django/trunk/django/contrib/staticfiles/finders.py 2011-01-02 01:31:55 UTC
(rev 15127)
@@ -6,6 +6,7 @@
from django.utils.datastructures import SortedDict
from django.utils.functional import memoize, LazyObject
from django.utils.importlib import import_module
+from django.utils._os import safe_join
from django.contrib.staticfiles import utils
from django.contrib.staticfiles.storage import AppStaticStorage
@@ -83,7 +84,7 @@
if not path.startswith(prefix):
return None
path = path[len(prefix):]
- path = os.path.join(root, path)
+ path = safe_join(root, path)
if os.path.exists(path):
return path
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-upda...@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
