Marina Mădăraş requested to merge input-validation into development Aug 11, 2023

What does this mr do?

The file names which were passed as parameters weren't filtered. Closes: #624, #625.

Actions taken to fix bug

The methods which take said file names as parameters, now strip the '../' sequences from them, preventing access to unauthorized directories.

Does this MR meet the acceptance criteria?

I have added a changelog entry to reflect the significant changes I made and the bug I fixed.
A test was created to test the bug.
I have updated the documentation accordingly.
I adhere to the style guide.

Edited Aug 15, 2023 by Marina Mădăraş