Index: openacs-4/packages/acs-api-browser/tcl/acs-api-documentation-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-api-browser/tcl/acs-api-documentation-procs.tcl,v diff -u -r1.30.2.21 -r1.30.2.22 --- openacs-4/packages/acs-api-browser/tcl/acs-api-documentation-procs.tcl 13 May 2016 18:00:05 -0000 1.30.2.21 +++ openacs-4/packages/acs-api-browser/tcl/acs-api-documentation-procs.tcl 14 May 2016 11:47:07 -0000 1.30.2.22 @@ -1473,7 +1473,7 @@ @return sanitized path } { set path [ns_normalizepath $path] - if {![string match "$prefix/*" $path]} { + if {![string match "/$prefix/*" $path]} { set filename "$::acs::rootdir/$path" ns_log notice [subst {INTRUDER ALERT:\n\nsomesone tried to snarf '$filename'! file exists: [file exists $filename] user_id: [ad_conn user_id] peer: [ad_conn peeraddr] Index: openacs-4/packages/acs-api-browser/www/procs-file-view.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-api-browser/www/procs-file-view.tcl,v diff -u -r1.8.2.5 -r1.8.2.6 --- openacs-4/packages/acs-api-browser/www/procs-file-view.tcl 13 May 2016 07:08:49 -0000 1.8.2.5 +++ openacs-4/packages/acs-api-browser/www/procs-file-view.tcl 14 May 2016 11:47:07 -0000 1.8.2.6 @@ -32,7 +32,7 @@ } set path [apidoc::sanitize_path $path] -if {![file readable $::acs::rootdir/$path] || [file isdirectory $::acs::rootdir/$path]} { +if {![file readable ${::acs::rootdir}$path] || [file isdirectory ${::acs::rootdir}$path]} { if {[info exists version_id]} { set kind procs set href [export_vars -base [ad_conn package_url]/package-view {version_id {kind procs}}] @@ -76,6 +76,7 @@ } +set path [string trimleft / $path] lappend context [file tail $path] set title [file tail $path]