From 291b6aef376e6ddef2ad1f2f6f156aa9a62f8644 Mon Sep 17 00:00:00 2001
From: "brian.orwe"
Date: Thu, 3 Feb 2022 13:28:45 +0300
Subject: [PATCH 1/4] Fix vcpkg.json to work with those building on linux
---
 vcpkg.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vcpkg.json b/vcpkg.json
index 4ed5030fa..1b678651a 100644
--- a/vcpkg.json
+++ b/vcpkg.json
@@ -31,7 +31,7 @@
 "version>=": "1.70.0"
 },
 {
- "name": "openssl-windows"
+ "name": "openssl"
 },
 {
 "name": "zlib"
From 155cf759eb7e0b7f92542bf13730574717b3f6cb Mon Sep 17 00:00:00 2001
From: The-EDev
Date: Tue, 8 Feb 2022 19:11:46 +0300
Subject: [PATCH 2/4] fixed issue where absolute unix paths were not sanitized
---
 include/crow/utility.h | 10 +++++++++-
 tests/unittest.cpp | 1 +
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/include/crow/utility.h b/include/crow/utility.h
index 782804971..06d0d3d4c 100644
--- a/include/crow/utility.h
+++ b/include/crow/utility.h
@@ -694,7 +694,15 @@ namespace crow
 }
 else if ((c == '/') || (c == '\\'))
 {
- checkForSpecialEntries = true;
+ //TODO(EDev): uncomment below once #332 is merged
+ if (/*CROW_UNLIKELY(*/i == 0/*)*/) //Prevent Unix Absolute Paths (Windows Absolute Paths are prevented with `(c == ':')`)
+ {
+ data[i] = replacement;
+ }
+ else
+ {
+ checkForSpecialEntries = true;
+ }
 }
 }
 }
diff --git a/tests/unittest.cpp b/tests/unittest.cpp
index 10d49ccd1..34c6be839 100644
--- a/tests/unittest.cpp
+++ b/tests/unittest.cpp
@@ -2473,6 +2473,7 @@ TEST_CASE("sanitize_filename")
 CHECK(sanitize_filename("abc/COM9") == "abc/_");
 CHECK(sanitize_filename("abc/COM") == "abc/COM");
 CHECK(sanitize_filename("abc/CON") == "abc/_");
+ CHECK(sanitize_filename("/abc/") == "_abc/");
 }

 TEST_CASE("get_port")
From 6ad068494f215c5bed1e7eb309362ec28190cffd Mon Sep 17 00:00:00 2001
From: The-EDev
Date: Tue, 8 Feb 2022 19:14:55 +0300
Subject: [PATCH 3/4] sanitize load_text() path
---
 include/crow/mustache.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
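Review bot: The inline comment on the new `if` in include/crow/utility.h undersells what the branch covers: because the enclosing condition is `(c == '/') || (c == '\\')`, a leading backslash is replaced too, which also neutralises Windows rooted and UNC-style names that contain no ':' at all. I would word it as `// Replace a leading '/' or '\\' so the result is never a rooted path (Unix absolute, Windows drive-relative or UNC); drive letters are caught by the ':' check`. The ':' handling and the rest of the function (presumably sanitize_filename) lie outside this hunk, so that half of the comment repeats the existing wording rather than something verified here. The commented-out `/*CROW_UNLIKELY(*/ ... /*)*/` wrapper makes the condition hard to read; a plain `i == 0` with the TODO line carrying the intent would be cleaner.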
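Review bot: The new case in TEST_CASE("sanitize_filename") in tests/unittest.cpp covers only a single leading '/', while the branch it exercises also fires for a leading backslash and leaves any second separator in place. Adding `CHECK(sanitize_filename("\\abc") == "_abc");` and `CHECK(sanitize_filename("//abc") == "_/abc");` would pin both behaviours. The expected values follow from the `i == 0` branch in utility.h and assume no other rule in the function touches these inputs. The opening lines of the test case are outside the hunk.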
diff --git a/include/crow/mustache.h b/include/crow/mustache.h
index b660c87fc..85ae6f668 100644
--- a/include/crow/mustache.h
+++ b/include/crow/mustache.h
@@ -632,7 +632,9 @@ namespace crow

 inline std::string load_text(const std::string& filename)
 {
- return detail::get_loader_ref()(filename);
+ std::string filename_sanitized(filename);
+ utility::sanitize_filename(filename_sanitized);
+ return detail::get_loader_ref()(filename_sanitized);
 }

 inline template_t load(const std::string& filename)
From dcd2b0c318cf7af8040605c7fb162cd0b98c8da4 Mon Sep 17 00:00:00 2001
From: The-EDev
Date: Tue, 8 Feb 2022 19:22:09 +0300
Subject: [PATCH 4/4] format
---
 include/crow/utility.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/crow/utility.h b/include/crow/utility.h
index 06d0d3d4c..3dd63f9a3 100644
--- a/include/crow/utility.h
+++ b/include/crow/utility.h
@@ -695,7 +695,7 @@ namespace crow
 else if ((c == '/') || (c == '\\'))
 {
 //TODO(EDev): uncomment below once #332 is merged
- if (/*CROW_UNLIKELY(*/i == 0/*)*/) //Prevent Unix Absolute Paths (Windows Absolute Paths are prevented with `(c == ':')`)
+ if (/*CROW_UNLIKELY(*/ i == 0 /*)*/) //Prevent Unix Absolute Paths (Windows Absolute Paths are prevented with `(c == ':')`)
 {
 data[i] = replacement;
 }
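Review bot: `load()`, visible as the last context line of the include/crow/mustache.h hunk, is not touched by this change and its body is outside the hunk. If it also hands `filename` to `detail::get_loader_ref()`, it remains an unsanitized route to the same loader and needs the same two lines, `std::string filename_sanitized(filename);` and `utility::sanitize_filename(filename_sanitized);`, before the loader call. `load_text` would also benefit from a comment such as `// filename is sanitized rather than rejected: a leading separator and reserved names are replaced, so the loader may receive a different name than the caller passed`. Callers that relied on passing an absolute path now get a rewritten relative name with no error, which is worth stating in the function's documentation.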