first attempt to solve path traversal vulnerability with unsanitized …

…input
JasperFx · Jul 24, 2024 · 48e11cd · 48e11cd
1 parent 79050a9
commit 48e11cd
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/src/Alba/HttpRequestBody.cs b/src/Alba/HttpRequestBody.cs
@@ -44,17 +44,16 @@ public void XmlInputIs(object target)
 
         private void writeTextToBody(string json, HttpContext context)
         {
-            var stream = context.Request.Body;
-
-            var writer = new StreamWriter(stream);
+            var stream = new MemoryStream();
+            using var writer = new StreamWriter(stream);
             writer.Write(json);
             writer.Flush();
-
             stream.Position = 0;
-
+            context.Request.Body = stream;
             context.Request.ContentLength = stream.Length;
         }
 
+
         public void WriteFormData(Dictionary<string, string> input)
         {
             _parent.ConfigureHttpContext(context =>