new changes

2026-04-07 05:17:40 +05:30
parent 1aba57e5ad
commit 60e8d457c4
2 changed files with 3 additions and 3 deletions
--- a/YakPanel-server/backend/app/api/files.py
+++ b/YakPanel-server/backend/app/api/files.py
@@ -21,7 +21,7 @@ def _resolve_path(path: str) -> str:
    if os.name != "nt":
        allowed.append(os.path.abspath("/www"))
    if ".." in path:
-        raise HTTPException(status_code=401, detail="Path traversal not allowed")
+        raise HTTPException(status_code=400, detail="Path traversal not allowed")
    norm_path = path.strip().replace("\\", "/").strip("/")
    # Root or www_root-style path
    if not norm_path or norm_path in ("www", "www/wwwroot", "wwwroot"):
@@ -49,7 +49,7 @@ async def files_list(
    except HTTPException:
        raise
    if not os.path.isdir(full):
-        raise HTTPException(status_code=401, detail="Not a directory")
+        raise HTTPException(status_code=404, detail="Not a directory")
    items = []
    for name in os.listdir(full):
        item_path = os.path.join(full, name)
--- a/YakPanel-server/backend/app/api/logs.py
+++ b/YakPanel-server/backend/app/api/logs.py
@@ -13,7 +13,7 @@ router = APIRouter(prefix="/logs", tags=["logs"])
 def _resolve_log_path(path: str) -> str:
    """Resolve path within www_logs only"""
    if ".." in path:
-        raise HTTPException(status_code=401, detail="Path traversal not allowed")
+        raise HTTPException(status_code=400, detail="Path traversal not allowed")
    cfg = get_runtime_config()
    logs_root = os.path.abspath(cfg["www_logs"])
    path = path.strip().replace("\\", "/").lstrip("/")