From 40bdbce191ad90dfea43dad51fac5c4726b89392 Mon Sep 17 00:00:00 2001
From: bogdanvlviv <bogdanvlviv@gmail.com>
Date: Mon, 15 May 2017 14:17:28 +0000
Subject: Define path with __dir__

".. with __dir__ we can restore order in the Universe." - by @fxn

Related to 5b8738c2df003a96f0e490c43559747618d10f5f
---
 guides/source/security.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'guides/source/security.md')

diff --git a/guides/source/security.md b/guides/source/security.md
index 1fcb2fc91f..75522834df 100644
--- a/guides/source/security.md
+++ b/guides/source/security.md
@@ -356,7 +356,7 @@ send_file('/var/www/uploads/' + params[:filename])
 Simply pass a file name like "../../../etc/passwd" to download the server's login information. A simple solution against this, is to _check that the requested file is in the expected directory_:
 
 ```ruby
-basename = File.expand_path(File.join(File.dirname(__FILE__), '../../files'))
+basename = File.expand_path('../../files', __dir__)
 filename = File.expand_path(File.join(basename, @file.public_filename))
 raise if basename !=
      File.expand_path(File.join(File.dirname(filename), '../../../'))
-- 
cgit v1.2.3