Bug #9074

Doc promotes inadequate way to sanitize a filename

Added by cphoenix (Chris Phoenix) almost 7 years ago. Updated almost 7 years ago.

Status: Closed
Priority: Normal
Target version: -
ruby -v: 2.0.0
[ruby-core:58137]

Description

http://www.ruby-doc.org/stdlib-2.0.0/libdoc/drb/rdoc/DRb.html
also http://www.ruby-doc.org/stdlib-1.8.7/libdoc/drb/rdoc/DRb.html

The "server" example for the "Logger" contains these lines:
# make the filename safe, then declare it to be so
fname = name.gsub(/[.\/]/, "_").untaint

On Windows, backslash is a separator character. The above gsub does not remove backslash.
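
The gap described in this report, as an added example that is not part of the original report or of the DRb documentation: the documented substitution next to a hypothetical allowlist variant. The helper names, the sample logger name, the base directory and the assumption that the result is joined onto a base directory are all constructed for illustration, and Windows separator handling is simulated so the script runs on any platform.

```ruby
# The substitution from the DRb "Logger" server example. The .untaint call is
# omitted here because taint tracking was removed in later Ruby versions.
def doc_sanitize(name)
  name.gsub(/[.\/]/, "_")
end

# Hypothetical stricter variant: keep only an allowlist of characters rather
# than trying to enumerate every separator a platform might honour.
def allowlist_sanitize(name)
  cleaned = name.gsub(/[^A-Za-z0-9_-]/, "_")
  raise ArgumentError, "empty logger name" if cleaned.empty?
  cleaned
end

# Directory a file would land in under Windows path rules, where both "/" and
# "\" separate path components. Simulated with a split, not a real file call.
def windows_dirname(basedir, fname)
  parts = "#{basedir}/#{fname}".split(/[\\\/]+/)
  parts[0...-1].join("/")
end

BASEDIR = "logs"           # constructed sample value
SAMPLE  = "app\\sub.log"   # constructed logger name containing a backslash

# Returns [sanitized name, resulting directory] for each sanitizer.
def demo
  [doc_sanitize(SAMPLE), allowlist_sanitize(SAMPLE)].map do |fname|
    [fname, windows_dirname(BASEDIR, fname)]
  end
end

demo.each { |fname, dir| puts "#{fname.inspect} -> directory #{dir.inspect}" }
```

With the documented substitution the backslash survives, so under Windows rules the file lands in a subdirectory of the base directory; the allowlist variant keeps it directly in the base directory.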
