From 155cf759eb7e0b7f92542bf13730574717b3f6cb Mon Sep 17 00:00:00 2001
From: The-EDev <farook@the-e-dev.com>
Date: Tue, 8 Feb 2022 19:11:46 +0300
Subject: [PATCH] fixed issue where absolute unix paths were not sanitized

---
 include/crow/utility.h | 10 +++++++++-
 tests/unittest.cpp     |  1 +
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/include/crow/utility.h b/include/crow/utility.h
index 782804971..06d0d3d4c 100644
--- a/include/crow/utility.h
+++ b/include/crow/utility.h
@@ -694,7 +694,15 @@ namespace crow
                 }
                 else if ((c == '/') || (c == '\\'))
                 {
-                    checkForSpecialEntries = true;
+                    //TODO(EDev): uncomment below once #332 is merged
+                    if (/*CROW_UNLIKELY(*/i == 0/*)*/) //Prevent Unix Absolute Paths (Windows Absolute Paths are prevented with `(c == ':')`)
+                    {
+                        data[i] = replacement;
+                    }
+                    else
+                    {
+                        checkForSpecialEntries = true;
+                    }
                 }
             }
         }
diff --git a/tests/unittest.cpp b/tests/unittest.cpp
index 10d49ccd1..34c6be839 100644
--- a/tests/unittest.cpp
+++ b/tests/unittest.cpp
@@ -2473,6 +2473,7 @@ TEST_CASE("sanitize_filename")
     CHECK(sanitize_filename("abc/COM9") == "abc/_");
     CHECK(sanitize_filename("abc/COM") == "abc/COM");
     CHECK(sanitize_filename("abc/CON") == "abc/_");
+    CHECK(sanitize_filename("/abc/") == "_abc/");
 }
 
 TEST_CASE("get_port")