From f2e3cdd9ff8cd16ab8c49df9771eceb52bf89dbc Mon Sep 17 00:00:00 2001
From: Luna Mendes <luna@elixi.re>
Date: Mon, 19 Nov 2018 01:45:35 -0300
Subject: [PATCH] static: use Path.cwd

---
 litecord/blueprints/static.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/litecord/blueprints/static.py b/litecord/blueprints/static.py
index 3b9f703..8c5ae01 100644
--- a/litecord/blueprints/static.py
+++ b/litecord/blueprints/static.py
@@ -6,4 +6,8 @@ bp = Blueprint('static', __name__)
 
 @bp.route('/<path:path>')
 async def static_pages(path):
-    return app.send_static_file(str(Path(f'./static/{path}')))
+    if '..' in path:
+        return 'no', 404
+
+    static_path = Path.cwd() / Path('static') / path
+    return await app.send_static_file(str(static_path))