security in path list

2026-06-19 15:41:03 +02:00
parent 377e602bd3
commit 77a6902b13
2 changed files with 66 additions and 29 deletions
@@ -1048,6 +1048,9 @@
              },
              "fallback": {
                "type": "boolean"
+              },
+              "access_policy": {
+                "type": "string"
              }
            },
            "type": "object"
@@ -5697,8 +5700,8 @@
            "sessionCookie": []
          }
        ],
-        "summary": "Browse allowed rTorrent directories",
-        "description": "Lists only the rTorrent home or default download directory tree. Requests outside these roots fall back to the default download directory."
+        "summary": "Browse rTorrent-readable directories",
+        "description": "Lists directories that the rTorrent process can enter and read. The filesystem root is never listed; denied or unreadable requests fall back to the first accessible download-space candidate."
      }
    },
    "/api/path/default": {