Problem:
In frontend page, it responses code 403 when invoking "/api/fs/list" api to fetch file list in current workdir.
Version:
aioncore-v0.1.30
api:
/api/fs/list
request params:
{
"root": "E:\git_new\test"
}
response:
{
"success": false,
"error": "Path is outside the allowed sandbox.",
"code": "PATH_OUTSIDE_SANDBOX",
"details": {
"field": "path",
"operation": "access"
}
}
Guess the reason:
- The extra.workspace for the session is E:\git_new\test
The frontend calls POST /api/fs/list with the workspace path, body: {"root": "E:\git_new\test"}
- The backend list_workspace_files uses allowed_roots (only containing temp_dir + home_dir + work_dir) for sandbox verification
- E:\git_new\test is not under allowed_roots → return PATH_OUTSIDE_SANDBOX
Problem:
In frontend page, it responses code 403 when invoking "/api/fs/list" api to fetch file list in current workdir.
Version:
aioncore-v0.1.30
api:
/api/fs/list
request params:
{
"root": "E:\git_new\test"
}
response:
{
"success": false,
"error": "Path is outside the allowed sandbox.",
"code": "PATH_OUTSIDE_SANDBOX",
"details": {
"field": "path",
"operation": "access"
}
}
Guess the reason:
The frontend calls POST /api/fs/list with the workspace path, body: {"root": "E:\git_new\test"}