mirror of
https://github.com/pypa/pip
synced 2023-12-13 21:30:23 +01:00
4 lines
180 B
Plaintext
4 lines
180 B
Plaintext
Prevent ``pip install <url>`` from permitting directory traversal if e.g.
|
|
a malicious server sends a ``Content-Disposition`` header with a filename
|
|
containing ``../`` or ``..\\``.
|