Removed non-generic hard-coded path test

The uri.startsWith("src/main") || uri.endsWith("src/main") test is not useful in general cases, but potentially a bug.
author: elonen <elonen@iki.fi> 2015-05-16 23:51:32 +0300
committer: elonen <elonen@iki.fi> 2015-05-16 23:51:32 +0300
commit: f5ba92b795f457704f29b022c2859523e1b95d23 (patch)
tree: 72eb1554d362fdbdce2eb80d47479563bab54e62 /webserver
parent: ed47140e7b3e560981985d3ede1676564cb4111e (diff)
download: nanohttpd-f5ba92b795f457704f29b022c2859523e1b95d23.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/webserver/src/main/java/fi/iki/elonen/SimpleWebServer.java b/webserver/src/main/java/fi/iki/elonen/SimpleWebServer.java
index a2396e8..8cae9a3 100644
--- a/webserver/src/main/java/fi/iki/elonen/SimpleWebServer.java
+++ b/webserver/src/main/java/fi/iki/elonen/SimpleWebServer.java
@@ -398,7 +398,7 @@ public class SimpleWebServer extends NanoHTTPD {
         }
 
         // Prohibit getting out of current directory
-        if (uri.startsWith("src/main") || uri.endsWith("src/main") || uri.contains("../")) {
+        if (uri.contains("../")) {
             return getForbiddenResponse("Won't serve ../ for security reasons.");
         }
author	elonen <elonen@iki.fi>	2015-05-16 23:51:32 +0300
committer	elonen <elonen@iki.fi>	2015-05-16 23:51:32 +0300
commit	f5ba92b795f457704f29b022c2859523e1b95d23 (patch)
tree	72eb1554d362fdbdce2eb80d47479563bab54e62 /webserver
parent	ed47140e7b3e560981985d3ede1676564cb4111e (diff)
download	nanohttpd-f5ba92b795f457704f29b022c2859523e1b95d23.tar.gz