From ec5a36c7006066170dad8ce4b1c6ed4edb5cd508 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torma=20Krist=C3=B3f?= <tormakristof@tormakristof.eu>
Date: Thu, 29 Apr 2021 17:45:23 +0200
Subject: [PATCH] do not allow getting out

---
 server/executor.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/server/executor.py b/server/executor.py
index 3543157..55e5817 100644
--- a/server/executor.py
+++ b/server/executor.py
@@ -39,8 +39,11 @@ class Executor:
             p = Path(os.path.join(self.baseDir, self.currentDirectory))
             parentpath = p.parent
             if (str(parentpath) + os.path.sep)== self.baseDir:
+                self.currentDirectory = ""
                 return self.currentDirectory
             else:
+                if len(str(parentpath).split('/')) < len(self.baseDir.split('/')):
+                    return self.currentDirectory
                 newpath = str(parentpath).replace(self.baseDir,'')
                 if os.path.exists(os.path.join(self.baseDir,newpath)):
                     self.currentDirectory = newpath