Fixed SSRF vulnaribility in CodeResourceHandler

Static files other than below the CAE root could be retrieved by manipulating the passed path.

(CMS-28554)