From daa0082e631870840a2391dfa9b785df80995071 Mon Sep 17 00:00:00 2001
From: Seb3thehacker <88462253+Seb3thehacker@users.noreply.github.com>
Date: Thu, 24 Mar 2022 09:11:18 +0000
Subject: [PATCH] Fix security issue

---
 auth/apikeys/apikeys.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth/apikeys/apikeys.go b/auth/apikeys/apikeys.go
index d2a592d..07ee983 100644
--- a/auth/apikeys/apikeys.go
+++ b/auth/apikeys/apikeys.go
@@ -77,7 +77,7 @@ func CheckAuth(authKeys []string, key string) (result bool, err error) {
 
 func (a ApiKeysMiddleware) getSitePrefix() string {
 	prefix := a.o.SitePath
-	if len(prefix) <= 0 || prefix[0] != '/' {
+	if len(prefix) > 1 && redir[0] == '/' && redir[1] != '/' && redir[1] != '\\' {
 		prefix = "/" + prefix
 	}
 	return prefix