@Badatos (Collaborator) commented Oct 16, 2025

Potential fix for https://github.com/EsupPortail/Esup-Pod/security/code-scanning/88

To address the uncontrolled data used in path expressions, all usage of user-provided data to build file paths for access must be carefully validated and confined to an intended directory. The robust fix is to normalize the input path and verify that it is confined to a known safe root folder.

  • Implementation: In the constructor of Encoding_video/Encoding_video_model, when a path such as video_file is accepted, it must be resolved with os.path.normpath and ensured to reside within a trusted base directory (from the project settings or a known safe location).
  • In addition, update all call sites that pass video_path from the API to ensure prior validation or sanitization.
  • If the base directory is not explicit, determine one (such as MEDIA_ROOT or similar).
  • Raise an exception or error if the normalized path attempts to escape the intended root.
  • Insert this validation/sanitization logic as early as possible (best in the constructor, so all downstream methods operate on validated paths).
  • Required: import os (already present), access to the Django settings (MEDIA_ROOT likely available), fail hard if the check fails.

Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…in path expression

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
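The fix described in the PR text (normalize the incoming path, resolve it against a trusted root, fail hard when it escapes) as an added stand-alone example. This is not Esup-Pod's own code: `MEDIA_ROOT` here is a constructed value rather than the project's Django setting, and `confine_to_root`, `PathEscapesRoot`, `classify` and the `EncodingVideo` stand-in class are names chosen for this example. It goes slightly beyond the description by also covering the sibling-directory prefix case and symlink resolution, which a plain string prefix check would miss.

```python
import os

# Constructed trusted root for this stand-alone example. In the project this
# would be read from Django settings (e.g. settings.MEDIA_ROOT), as the PR suggests.
MEDIA_ROOT = "/srv/pod/media"


class PathEscapesRoot(ValueError):
    """Raised when a user-supplied path does not resolve under the trusted root."""


def confine_to_root(user_path, base_dir=MEDIA_ROOT):
    """Return an absolute, normalized path guaranteed to lie under base_dir.

    Relative input is interpreted relative to base_dir. Absolute input is
    accepted only if it already lies under base_dir: os.path.join discards
    base_dir when the second argument is absolute, which is exactly the case
    the containment check below must catch. Symlinks are resolved with
    os.path.realpath so a link inside the root cannot point outside it.
    """
    if not isinstance(user_path, str) or not user_path:
        raise PathEscapesRoot("empty or non-string path")
    if "\x00" in user_path:
        raise PathEscapesRoot("NUL byte in path")

    root = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(root, user_path))

    # commonpath, not str.startswith: '/srv/pod/media_evil' starts with
    # '/srv/pod/media' as a string but is a sibling directory, not a child.
    try:
        inside = os.path.commonpath([root, candidate]) == root
    except ValueError:  # different drives on Windows: no shared prefix at all
        inside = False
    if not inside:
        raise PathEscapesRoot("%r resolves outside %r" % (user_path, root))
    return candidate


class EncodingVideo:
    """Hypothetical stand-in for the project's Encoding_video class.

    Validation happens in the constructor, so every downstream method only
    ever sees a path that has already been confined to the root.
    """

    def __init__(self, video_file, base_dir=MEDIA_ROOT):
        self.video_file = confine_to_root(video_file, base_dir)


def classify(paths, base_dir=MEDIA_ROOT):
    """Demonstration helper: map each input to its confined path or 'REJECTED'."""
    result = {}
    for p in paths:
        try:
            result[p] = confine_to_root(p, base_dir)
        except PathEscapesRoot:
            result[p] = "REJECTED"
    return result


if __name__ == "__main__":
    # Constructed sample inputs: benign names alongside inputs that try to leave the root.
    samples = [
        "videos/lecture01.mp4",
        "videos/./lecture01.mp4",
        "../../etc/passwd",
        "videos/../../secret.key",
        "/srv/pod/media/ok.mp4",
        "/srv/pod/media_evil/x.mp4",
        "",
    ]
    for path, verdict in classify(samples).items():
        print("%-30r -> %s" % (path, verdict))
```

Django ships an equivalent helper, `django.utils._os.safe_join`, which raises `SuspiciousFileOperation` on escape; using it in the constructor would satisfy the same requirement with less code, but the explicit version above makes the three checks (normalize, resolve, compare against the root) visible.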
@Badatos Badatos self-assigned this Oct 16, 2025
@Badatos Badatos added this to the 4.x milestone Oct 16, 2025
@Badatos Badatos changed the base branch from main to dev_v4 October 16, 2025 07:40
Base automatically changed from dev_v4 to main November 10, 2025 11:03
@Badatos Badatos changed the base branch from main to dev_v4 November 12, 2025 08:40