10.11.4

2025-10-20 10:50:48 +08:00 · 2025-08-21 21:13:18 +08:00
parent 346c560f8b
commit 2d7effadf9
2 changed files with 4 additions and 5 deletions
--- a/src/Admin/ThingsGateway.Admin.Application/Controller/FileController.cs
+++ b/src/Admin/ThingsGateway.Admin.Application/Controller/FileController.cs
@@ -37,9 +37,8 @@ public class FileController : ControllerBase
        var root = Directory.GetCurrentDirectory();
        var wwwroot = Path.Combine(root, "wwwroot");
        var filePath = Path.Combine(wwwroot, fileName);
-        // 防止路径穿越攻击
 #pragma warning disable CA3003
-        if ((!fileName.StartsWith(@"..\Logs\") && filePath.Contains("..")) || !System.IO.File.Exists(filePath))
+        if ((!(fileName.StartsWith(@"../Logs") || fileName.StartsWith(@"..\Logs")) && filePath.Contains("..")) || !System.IO.File.Exists(filePath))
        {
            return NotFound();
        }
--- a/src/Directory.Build.props
+++ b/src/Directory.Build.props
@@ -1,9 +1,9 @@
 <Project>

 	<PropertyGroup>
-		<PluginVersion>10.11.2</PluginVersion>
-		<ProPluginVersion>10.11.2</ProPluginVersion>
-		<DefaultVersion>10.11.2</DefaultVersion>
+		<PluginVersion>10.11.4</PluginVersion>
+		<ProPluginVersion>10.11.4</ProPluginVersion>
+		<DefaultVersion>10.11.4</DefaultVersion>
 		<AuthenticationVersion>10.11.2</AuthenticationVersion>
 		<SourceGeneratorVersion>10.11.2</SourceGeneratorVersion>
 		<NET8Version>8.0.19</NET8Version>