[Security][Bugfix] Fix directory traversal exploit (#1907)
* [Security][Bugfix] Fix directory traversal exploit 1.The first slash will act as root path when resolving local path, so directory traversal is possible 2.Filter the illegal payload to prevent directory traversal 3.This also fix the bug about not loading the files in data folder when querying `/hk4e/announcement/` * Fix formatting * Update src/main/java/emu/grasscutter/server/http/handlers/AnnouncementsHandler.java
Please register or sign in to comment