flask.safe_join¶

flask.safe_join(directory, filename)[source]¶

Safely join directory and filename.

Example usage:

@app.route('/wiki/<path:filename>')
def wiki_page(filename):
    filename = safe_join(app.config['WIKI_FOLDER'], filename)
    with open(filename, 'rb') as fd:
        content = fd.read()  # Read and process the file content...

Parameters:	directory – the base directory. filename – the untrusted filename relative to that directory.
Raises:	NotFound if the resulting path would fall out of directory.