Update add-netlify-links.yml

mongoKart · web-flow · commit f8fc2086614b · 2024-10-17T12:24:16.000-05:00
diff --git a/.github/workflows/add-netlify-links.yml b/.github/workflows/add-netlify-links.yml
@@ -24,11 +24,22 @@ jobs:
             env:
                 CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
             run: |
+              # Function to sanitize file paths
+              sanitize_file_path() {
+                local file_path="$1"
+                # Allow only alphanumeric characters, _ . / and -
+                if [[ ! "$file_path" =~ ^[a-zA-Z0-9._/-]+$ ]]; then
+                  echo "Invalid file path detected: $file_path" >&2
+                  exit 1
+                fi
+              }
+              
               new_links=""
               base_link='https://deploy-preview-${{ github.event.number }}--mongodb-docs-csharp.netlify.app'
               files=$(echo "$CHANGED_FILES" | tr "," "\n")
               for file in $files; do
                 echo "processing ${file}"
+                sanitize_file_path "$file"
                 if (! grep -s "includes/"  <<< $file) && 
                     (! grep -s "images/"  <<< $file) && 
                     (! grep -s "examples/"  <<< $file); then
