diff options
author | Frederick Muriuki Muriithi | 2024-02-15 04:55:42 +0300 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-02-15 05:15:08 +0300 |
commit | 164d53f5f53a469730a66a0be0af7016c53f2aa5 (patch) | |
tree | 8c23903ed3a2d373a5078b07d4be55b9c996de67 /qc_app/templates/rqtl2 | |
parent | 6b0ddee7a57a6d2e02024ebcd22dbe915d09e375 (diff) | |
download | gn-uploader-164d53f5f53a469730a66a0be0af7016c53f2aa5.tar.gz |
Provide only the file name, not full path.
There are 2 reasons to provide only the filename and not the full
path:
* Security: We do not want to inadvertently expose the paths to the
outside world, or allow users to enter file system paths for this
system.
* The code does not assume a complete path, rather, it builds the path
to the upload directory using the filename received from the user.
Diffstat (limited to 'qc_app/templates/rqtl2')
-rw-r--r-- | qc_app/templates/rqtl2/rqtl2-qc-job-results.html | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/qc_app/templates/rqtl2/rqtl2-qc-job-results.html b/qc_app/templates/rqtl2/rqtl2-qc-job-results.html index cfa2a9c..52a230a 100644 --- a/qc_app/templates/rqtl2/rqtl2-qc-job-results.html +++ b/qc_app/templates/rqtl2/rqtl2-qc-job-results.html @@ -55,7 +55,7 @@ <span class="form-col-2">{{rqtl2bundleorig}}</span> <span class="form-col-1">Internal Name</span> - <span class="form-col-2">{{rqtl2bundle.name[0:25]}}…</span> + <span class="form-col-2">{{rqtl2bundle[0:25]}}…</span> </fieldset> <fieldset> |