UNPKG

@dollhousemcp/mcp-server

Version:

DollhouseMCP - A Model Context Protocol (MCP) server that enables dynamic AI persona management from markdown files, allowing Claude and other compatible AI assistants to activate and switch between different behavioral personas.

61 lines 2.74 kB
export declare class PathValidator { private static ALLOWED_DIRECTORIES; private static ALLOWED_EXTENSIONS; private static resolvedAllowedDirs; static initialize(personasDir: string, allowedExtensions?: string[]): void; /** * Get allowed directories with symlinks resolved * Caches the result to avoid repeated filesystem calls */ private static getResolvedAllowedDirectories; /** * SECURITY FIX #1290: Resolve symlinks to prevent path traversal * Helper function to resolve symlinks in paths */ private static resolveSymlinks; /** * Helper to resolve symlinks in parent directory when target doesn't exist */ private static resolveParentSymlink; /** * Validate that the real path is within allowed directories * FIX: Now resolves symlinks in allowed directories to handle macOS /tmp -> /private/tmp */ private static validatePathIsAllowed; /** * Validate filename extension and format */ private static validateFilename; /** * Validate element path WITHOUT resolving symlinks * Used by BaseElementManager to validate paths while preserving the original path representation * * SECURITY: Rejects symlinks that point outside the allowed directory * * @param absolutePath - Absolute path to validate * @param allowedDir - Base directory that the path must be within * @throws Error if path is invalid, is a symlink pointing outside allowed directory, or outside allowed directory */ static validateElementPathOnly(absolutePath: string, allowedDir: string): Promise<void>; /** * Stateless element path validation (generic for all element types) * Used by BaseElementManager for validating paths across all element types. * * @param userPath - User-provided path to validate * @param allowedDir - Base directory that the path must be within * @returns Validated absolute path with symlinks resolved * @deprecated Use validateElementPathOnly() for path validation without resolution */ static validateElementPath(userPath: string, allowedDir: string): Promise<string>; /** * @deprecated Use validateElementPath() instead. This method uses class-level state. * Validate a persona path against pre-initialized allowed directories. * * @param userPath - User-provided path to validate * @returns Validated absolute path with symlinks resolved */ static validatePersonaPath(userPath: string): Promise<string>; static safeReadFile(filePath: string): Promise<string>; static safeWriteFile(filePath: string, content: string): Promise<void>; } //# sourceMappingURL=pathValidator.d.ts.map