Examples/Safe_PathTraversal_1.ps1
|
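function Get-UserFileContent {
    <#
    .SYNOPSIS
    Returns the content of a file located beneath a fixed base directory.

    .DESCRIPTION
    Validates a caller-supplied relative path, resolves it against the base
    directory, confirms that the resolved path is still inside that directory,
    and only then reads the file.

    .PARAMETER baseDir
    Directory that every readable file must live under.

    .PARAMETER relativePathInput
    Untrusted path, relative to baseDir. Empty values, rooted paths, and values
    containing '..' or ':' are rejected.

    .OUTPUTS
    The output of Get-Content for the resolved file.

    .NOTES
    GetFullPath is a lexical normalization; it does not resolve symbolic links
    or junctions. If the base directory can contain links created by less
    trusted users, the link target needs its own check before reading.
    #>
    param(
        [string]$baseDir,
        [string]$relativePathInput
    )

    if ([string]::IsNullOrWhiteSpace($relativePathInput)) {
        throw 'Invalid path input.'
    }

    # Reject parent-directory segments and drive / alternate-stream syntax up front.
    if ($relativePathInput.Contains('..') -or $relativePathInput.Contains(':')) {
        throw 'Invalid path input.'
    }

    # Path.Combine discards its first argument when the second one is rooted,
    # so a rooted input would otherwise replace baseDir instead of extending it.
    if ([System.IO.Path]::IsPathRooted($relativePathInput)) {
        throw 'Invalid path input.'
    }

    $full = [System.IO.Path]::Combine($baseDir, $relativePathInput)
    $normalized = [System.IO.Path]::GetFullPath($full)

    # Compare against the base WITH a trailing separator. A bare prefix test
    # also accepts sibling directories whose name merely begins with the base
    # directory's name (base "users" vs. sibling "users_other").
    $separators = [char[]]@(
        [System.IO.Path]::DirectorySeparatorChar,
        [System.IO.Path]::AltDirectorySeparatorChar
    )
    $normalizedBase = [System.IO.Path]::GetFullPath($baseDir).TrimEnd($separators) +
        [System.IO.Path]::DirectorySeparatorChar

    # The candidate is always built from baseDir itself, so the case-insensitive
    # comparison does not widen the accepted set on case-sensitive file systems.
    if (-not $normalized.StartsWith($normalizedBase, [System.StringComparison]::OrdinalIgnoreCase)) {
        throw 'Path escapes allowed directory.'
    }

    # -LiteralPath keeps wildcard characters in the input from being expanded
    # after validation has already happened.
    Get-Content -LiteralPath $normalized
}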