From d454eb3cd2b087bceb6a36bc5afae7a291ad34af Mon Sep 17 00:00:00 2001
From: Christopher Wellons
Date: Wed, 21 Nov 2012 23:19:50 -0500
Subject: [PATCH] Fix a potential ~ expansion issue in httpd-clean-path.
---
 httpd.el | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/httpd.el b/httpd.el
index 6a8e69e..6c78b9f 100644
--- a/httpd.el
+++ b/httpd.el
@@ -228,9 +228,12 @@
 (httpd-send-buffer proc (current-buffer))))
 
 (defun httpd-clean-path (path)
- "Clean dangerous .. from the path."
- (mapconcat 'identity
- (delete ".." (split-string (url-unhex-string path) "\\/")) "/"))
+ "Clean dangerous .. and ~ from the path and remove the leading /."
+ (let* ((split (delete ".." (split-string path "/")))
+ (unsplit (mapconcat 'identity (delete "" split) "/")))
+ (if (and (> (length unsplit) 0) (eql ?~ (aref unsplit 0)))
+ (concat "./" unsplit)
+ unsplit)))
 
 (defun httpd-get-ext (path)
 "Get extention from path to determine MIME type."
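Review bot: The new `httpd-clean-path` no longer calls `url-unhex-string`, so the `..` and leading-`~` checks only hold if PATH is already percent-decoded and is not decoded again afterwards; the caller is outside this hunk, so that ordering cannot be confirmed here. The docstring should state that contract, e.g. `"Clean dangerous .. and ~ from PATH (already URL-decoded) and remove the leading /."`. The filter also splits only on `/`, so on a host where Emacs treats `\` as a directory separator a `..` component written with backslashes would presumably pass through unchanged. A stronger guard than component filtering is to expand the final path against the served root and refuse the request unless the result is still inside that root, for instance with `file-in-directory-p`.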