aac.in_out.paths¶

Module for shared path functions.

Functions

`is_same_file`(path1, path2)	Return whether or not path1 and path2 refer to the same file.
`sanitize_filesystem_path`(file_path)	Sanitizes user-provided file path strings to prevent injection and tampering of filesystem paths.

aac.in_out.paths.is_same_file(path1: str, path2: str) → bool[source]¶

Return whether or not path1 and path2 refer to the same file.

Parameters:

path1 (str) – The first path to compare.
path2 (str) – The second path to compare.

Returns:

Return True if both paths refer to the same file; False, otherwise.

Return type:

bool

aac.in_out.paths.sanitize_filesystem_path(file_path: str) → str[source]¶

Sanitizes user-provided file path strings to prevent injection and tampering of filesystem paths.

This function does not determine if a user can write to the path location, it only sanitizes and evaluates the path to a full path. The user must still check that the path is a valid destination.

This function performs the following sanitizing actions:

Removes any URL encoding

Converts the path to an ASCII encoding

Replaces instances of / or with os-specific path separators

Normalizes the path

Determines the realpath if symbolic links are used

Ensures that the path is an absolute path

Path Traversal Security References:

OWASP https://owasp.org/www-community/attacks/Path_Traversal

Parameters:: file_path (str) – The file path to sanitize
Returns:: A sanitized filepath.
Return type:: str