Patched arbitrary file system access vulnerability and visual changes

2023-08-04 20:45:25 +02:00
parent 9953ef8aab
commit 59bacdbe6d
8 changed files with 128 additions and 104 deletions
--- a/templates/collection.html
+++ b/templates/collection.html
@@ -25,7 +25,7 @@
            </div>
        </div>
        <div class="container" style="padding: 1.5%">
-            <form action="/download/{{ videos[0]['path'] }}">
+            <form action="/download/{{ folder }}">
                <input type="submit" class="btn btn-primary float-end" value="Download all"/>
            </form>
        </div>