Atlassian JIRA
| java.lang.Object | |
| ↳ | com.atlassian.jira.util.PathUtils |
This class contains utility methods for manipulating paths.
| Public Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
Checks if using
untrustedPath would result in path traversal. | |||||||||||
Checks if using
untrustedPath would result in path traversal. | |||||||||||
|
[Expand]
Inherited Methods | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
From class
java.lang.Object
| |||||||||||
Checks if using untrustedPath would result in path traversal. We consider that a path traversal
occurs if the file or directory refered to in untrustedPath is not contained in
secureDir. This method uses the technique described in IDS02-J
in the CERT Secure Coding Standard.
secureDir is assumed to be secure, so this parameter must never contain
user-supplied input.| secureDir | a String containing the path to a "secure" base directory |
|---|---|
| untrustedPath | a String containing a path that was built using user-supplied input (relative or absolute) |
| PathTraversalException | if untrustedPath is not below secureDir |
|---|---|
| IOException | if there is an I/O problem calling java.io.File.getCanonicalPath()
|
Checks if using untrustedPath would result in path traversal. We consider that a path traversal
occurs if the file or directory refered to in untrustedPath is not contained in
secureDir. This method uses the technique described in IDS02-J
in the CERT Secure Coding Standard.
secureDir is assumed to be secure, so this parameter must never contain
user-supplied input.| secureDir | a String containing the path to a "secure" base directory |
|---|---|
| untrustedPath | a String containing a path that was built using user-supplied input (relative or absolute) |
untrustedPath in secureDir| IOException | if there is an I/O problem calling java.io.File.getCanonicalPath()
|
|---|