Whew, preventing path traversal attacks when part of the scope of your application is to allow users to upload files to (scoped) arbitrary paths is not easy.
Especially if you're developing something that will possibly run on multiple different file systems.
I am against self baking this kind of stuff because it is just too easy to miss something that tried and tested solutions will not but I have yet to find anything that fits my usecase.
This Mastodon instance is for people interested in technology. Discussions aren't limited to technology, because tech folks shouldn't be limited to technology either!