ccopeland/red
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(07-04): restrict /file route to original PDF only (LEGAL-03)

Browse Source 
- Remove signedFilePath fallback from /file route
- Route now always serves doc.filePath (unsigned original)
- Signed PDF exclusively available via presigned /download?adt=[token]
This commit is contained in:
Chandler Copeland
2026-03-21 10:53:56 -06:00
parent 6239a30bfd
commit 6775cc76eb
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
teressa-copeland-homes/src/app/api/documents/[id]/file/route.ts
View File

@@ -21,8 +21,8 @@ export async function GET(
});
if (!doc || !doc.filePath) return new Response('Not found', { status: 404 });
// Serve signed PDF for completed documents, original otherwise
const relativePath = doc.signedFilePath ?? doc.filePath;
// Serve the original unsigned PDF only — see LEGAL-03
const relativePath = doc.filePath;
const filePath = path.join(UPLOADS_BASE, relativePath);
// Path traversal guard — critical security check