FileSystemStorage(location='/') does not work: SuspiciousOperation
|Reported by:||ben@…||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
>>> from django.core.files.storage import FileSystemStorage >>> >>> LOCAL_FS = FileSystemStorage(location='/', base_url='invalid://') >>> LOCAL_FS.path('anything') Traceback (most recent call last): File "<console>", line 1, in <module> File "/usr/local/lib/python2.5/site-packages/django/core/files/storage.py", line 214, in path raise SuspiciousOperation("Attempted access to '%s' denied." % name) SuspiciousOperation: Attempted access to 'anything' denied.
This is caused because safe_join expects the first character after the storage.location ('base' in safe_join) to be a separator. When base='/foo' this is true because '/foo/anything' has a '/' after '/foo', but when path is '/' you don't get 'anything', you get '/anything', and the first character after '/' is 'a'.
I don't see a way to hack around this because of all the path normalization that goes on. You'd think '/.' might work, but it gets normalized and then fails.
Change History (5)
comment:1 Changed 5 years ago by russellm
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Triage Stage changed from Unreviewed to Accepted