From f709cdd87a358dd23e0d60d00755b6c9b7b71e9c Mon Sep 17 00:00:00 2001
From: Stephen Mustgrave <smustgrave@gmail.com>
Date: Thu, 30 May 2024 20:10:01 -0400
Subject: [PATCH] Issue #3450318 by coffeemakr: Path traversal check is done
 twice

---
 src/EventSubscriber/StageFileProxySubscriber.php | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/src/EventSubscriber/StageFileProxySubscriber.php b/src/EventSubscriber/StageFileProxySubscriber.php
index 7b81f08..c4ad689 100644
--- a/src/EventSubscriber/StageFileProxySubscriber.php
+++ b/src/EventSubscriber/StageFileProxySubscriber.php
@@ -76,11 +76,6 @@ class StageFileProxySubscriber implements EventSubscriberInterface {
       return;
     }
 
-    // Disallow directory traversal.
-    if (in_array('..', explode('/', $request_path))) {
-      return;
-    }
-
     // Moving to parent directory is insane here, so prevent that.
     if (in_array('..', explode('/', $request_path))) {
       return;
-- 
GitLab