fix: asset path traversal on windows

server/helpers/page.js

@@ -35,6 +35,8 @@ module.exports = {
     rawPath = rawPath.replace(unsafeCharsRegex, '')
     if (rawPath === '') { rawPath = 'home' }
 
+    rawPath = rawPath.replaceAll('\\', '').replaceAll('//', '').replaceAll(/\.\.+/ig, '')
+
     // Extract Info
     let pathParts = _.filter(_.split(rawPath, '/'), p => {
       p = _.trim(p)