Skip to content

Commit 72374da

Browse files
RomanBachaloSigmaSoftwareRomanBachaloSigmaSoftware
committed
codeql fix
1 parent 612139e commit 72374da

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

app/eSignature/examples/eg007_envelope_get_doc.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
from datetime import datetime as dt, timezone
22
from docusign_esign import EnvelopesApi
33
from flask import request, session
4+
from werkzeug.utils import secure_filename
45

56
from ...consts import pattern
67
from ...docusign import create_api_client
@@ -76,4 +77,7 @@ def worker(args):
7677
else:
7778
mimetype = "application/octet-stream"
7879

80+
# Sanitize the document name before using it as a download filename
81+
doc_name = secure_filename(doc_name)
82+
7983
return {"mimetype": mimetype, "doc_name": doc_name, "data": document_bytes}

0 commit comments

Comments
 (0)