check file access by using a custom effect #176

@maxteufel

The effect opening the file - represented by a String - would still need to normalize the path, then check if allowed. The advantage would be that this logic would be in one place only. So we would have just a handful of conditions to check, basically just something like:

  • All code opening files uses the custom effect
  • The logic in the custom effect is correct

Instead of relying on multiple places to work together for correctness.

Originally posted by @michaellilltokiwa in #164

In the long term, we should use a custom effect to ensure that the webserver only accesses files inside its webroot.
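
A sketch of the single-chokepoint idea discussed in this issue, added here as an example and not taken from the project. Python has no effect system, so a hypothetical `WebrootAccess` class stands in for the custom effect; the directory tree and request strings in `demo()` are constructed.

```python
import os
import tempfile


class WebrootAccess:
    """Single chokepoint for file reads: normalize the path, then check it."""

    def __init__(self, webroot):
        # Resolve the root once so later comparisons use canonical paths.
        self.root = os.path.realpath(webroot)

    def resolve(self, requested):
        # Join onto the webroot, then normalize: realpath collapses ".." and follows symlinks.
        candidate = os.path.realpath(os.path.join(self.root, requested.lstrip("/")))
        # commonpath compares whole components, so "/srv/www-old" is not
        # mistaken for a child of "/srv/www" as a startswith() test would.
        if os.path.commonpath([self.root, candidate]) != self.root:
            raise PermissionError(f"outside webroot: {requested!r}")
        return candidate

    def read(self, requested):
        with open(self.resolve(requested), "rb") as f:
            return f.read()


def demo():
    """Build a constructed directory tree and report which requests are allowed."""
    with tempfile.TemporaryDirectory() as base:
        root = os.path.join(base, "www")
        sibling = os.path.join(base, "www-old")  # shares the string prefix
        os.makedirs(root)
        os.makedirs(sibling)
        with open(os.path.join(root, "index.html"), "wb") as f:
            f.write(b"hello")
        with open(os.path.join(sibling, "secret.txt"), "wb") as f:
            f.write(b"secret")
        files = WebrootAccess(root)
        results = {}
        for req in ["index.html", "/index.html", "./a/../index.html",
                    "../www-old/secret.txt", "../../etc/passwd"]:
            try:
                files.read(req)
                results[req] = "allowed"
            except PermissionError:
                results[req] = "denied"
        return results

if __name__ == "__main__":
    print(demo())
```

The check and the open are two separate steps, so this sketch assumes nothing untrusted can replace a path component with a symlink between them. The guarantee also holds only if every file open in the server goes through `WebrootAccess`, which is the first condition listed above.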

Labels: enhancement