From 8ea136526fad2441948acdec3ea70e6f4dba02c6 Mon Sep 17 00:00:00 2001
From: Amirreza Sistanei
Date: Thu, 15 Jun 2023 14:02:01 +0330
Subject: [PATCH] Issue number 683 solved | Laravel 10 | Path traversal detected
---
 src/Writing/Writer.php | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/src/Writing/Writer.php b/src/Writing/Writer.php
index efc638f0..c3a03539 100644
--- a/src/Writing/Writer.php
+++ b/src/Writing/Writer.php
@@ -161,7 +161,7 @@ protected function performFinalTasksForLaravelType(): void
 if (!is_dir($this->laravelTypeOutputPath)) {
 mkdir($this->laravelTypeOutputPath, 0777, true);
 }
- $publicDirectory = app()->get('path.public');
+ $publicDirectory = public_path();
 if (!is_dir($publicDirectory . $this->laravelAssetsPath)) {
 mkdir($publicDirectory . $this->laravelAssetsPath, 0777, true);
 }
@@ -180,8 +180,8 @@ protected function performFinalTasksForLaravelType(): void
 // Rewrite asset links to go through Laravel
 $contents = preg_replace('#href="\.\./docs/css/(.+?)"#', 'href="{{ asset("' . $this->laravelAssetsPath . '/css/$1") }}"', $contents);
 $contents = preg_replace('#src="\.\./docs/(js|images)/(.+?)"#', 'src="{{ asset("' . $this->laravelAssetsPath . '/$1/$2") }}"', $contents);
- $contents = str_replace('href="../docs/collection.json"', 'href="{{ route("'.$this->docsName.'.postman") }}"', $contents);
- $contents = str_replace('href="../docs/openapi.yaml"', 'href="{{ route("'.$this->docsName.'.openapi") }}"', $contents);
+ $contents = str_replace('href="../docs/collection.json"', 'href="{{ route("' . $this->docsName . '.postman") }}"', $contents);
+ $contents = str_replace('href="../docs/openapi.yaml"', 'href="{{ route("' . $this->docsName . '.openapi") }}"', $contents);
 file_put_contents("$this->laravelTypeOutputPath/index.blade.php", $contents);
 }
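Review bot: In the first hunk (performFinalTasksForLaravelType), the directory under the new `public_path()` base is still created with `mkdir(..., 0777, true)`, so on a host with a permissive umask the published assets directory inside the web root ends up world-writable. Since the commit already touches this path handling, I would tighten the mode here and in the `laravelTypeOutputPath` branch just above, e.g. `mkdir($publicDirectory . $this->laravelAssetsPath, 0755, true);`. The join is also a bare concatenation with no separator, which presumably relies on `laravelAssetsPath` starting with `/`; `public_path($this->laravelAssetsPath)` would make that explicit, and the same applies to `$assetsOutputPath` in the writeHtmlDocs hunk. The function body starts and ends outside the hunk.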
@@ -206,9 +206,9 @@ public function writeHtmlDocs(array $groupedEndpoints): void
 $assetsOutputPath = $outputPath;
 } else {
 $outputPath = rtrim($this->laravelTypeOutputPath, '/') . '/';
- c::success("Wrote Blade docs to: ". $this->makePathFriendly($outputPath));
+ c::success("Wrote Blade docs to: " . $this->makePathFriendly($outputPath));
 $this->generatedFiles['blade'] = realpath("{$outputPath}index.blade.php");
- $assetsOutputPath = app()->get('path.public') . $this->laravelAssetsPath . '/';
+ $assetsOutputPath = public_path() . $this->laravelAssetsPath . '/';
 c::success("Wrote Laravel assets to: " . $this->makePathFriendly($assetsOutputPath));
 }
 $this->generatedFiles['assets']['js'] = realpath("{$assetsOutputPath}js");
@@ -228,7 +228,7 @@ protected function getLaravelTypeOutputPath(): ?string
 {
 if ($this->isStatic) return null;
- return config('view.paths.0', function_exists('base_path') ? base_path("resources/views") : "resources/views")."/$this->docsName";
+ return config('view.paths.0', function_exists('base_path') ? base_path("resources/views") : "resources/views") . "/$this->docsName";
 }
 /**
@@ -241,5 +241,4 @@ protected function makePathFriendly(string $path): string
 {
 return str_replace("\\", "/", str_replace(getcwd() . DIRECTORY_SEPARATOR, "", $path));
 }
-
 }
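Review bot: In the writeHtmlDocs hunk, the entries written to `$this->generatedFiles` come straight from `realpath()`, which returns `false` when the path does not exist, so a wrong result from the new `public_path() . $this->laravelAssetsPath . '/'` line would be recorded as `false` while the "Wrote Laravel assets to:" success message is still printed. Checking the result before recording it would surface a bad public or assets path at generation time, for example `if (realpath("{$assetsOutputPath}js") === false) { throw new \RuntimeException("Assets directory missing: {$assetsOutputPath}js"); }`. The function body starts and ends outside the hunk, so the existing handling of `generatedFiles` further down should be confirmed before adding this.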