libb.safe_join

safe_join(directory, *pathnames)

Safely join untrusted path components to a base directory.

Prevents escaping the base directory via path traversal.

Parameters:

• directory (str) – The trusted base directory.

• pathnames (str) – The untrusted path components relative to base.

Returns:

A safe path, or None if path would escape base.

Return type:

str | None

Note

Via github.com/mitsuhiko/werkzeug security.py