42 lines
1.3 KiB
Diff
42 lines
1.3 KiB
Diff
--- a/trytond/trytond/wsgi.py
|
|
+++ b/trytond/trytond/wsgi.py
|
|
@@ -4,6 +4,7 @@
|
|
import http.client
|
|
import logging
|
|
import os
|
|
+import posixpath
|
|
import sys
|
|
import traceback
|
|
import urllib.parse
|
|
@@ -25,6 +26,10 @@
|
|
except ImportError:
|
|
from werkzeug.contrib.fixers import ProxyFix as NumProxyFix
|
|
try:
|
|
+ from werkzeug.security import safe_join
|
|
+except ImportError:
|
|
+ safe_join = posixpath.join
|
|
+try:
|
|
from werkzeug.middleware.shared_data import SharedDataMiddleware
|
|
except ImportError:
|
|
from werkzeug.wsgi import SharedDataMiddleware
|
|
@@ -201,13 +206,14 @@
|
|
def get_directory_loader(self, directory):
|
|
def loader(path):
|
|
if path is not None:
|
|
- path = os.path.join(directory, path)
|
|
+ path = safe_join(directory, path)
|
|
else:
|
|
path = directory
|
|
- if os.path.isdir(path):
|
|
- path = os.path.join(path, 'index.html')
|
|
- if os.path.isfile(path):
|
|
- return os.path.basename(path), self._opener(path)
|
|
+ if path is not None:
|
|
+ if os.path.isdir(path):
|
|
+ path = posixpath.join(path, 'index.html')
|
|
+ if os.path.isfile(path):
|
|
+ return os.path.basename(path), self._opener(path)
|
|
return None, None
|
|
return loader
|
|
|