public class PathUtils extends Object
| Modifier and Type | Method and Description |
|---|---|
static String |
appendFileSeparator(String filePath) |
static void |
ensurePathInSecureDir(String secureDir,
String untrustedPath)
Checks if using
untrustedPath would result in path traversal. |
static boolean |
isChildPath(File parentPath,
File childPath)
Checks if the
childPath is in fact a child path of the provided parentPath. |
static boolean |
isPathInSecureDir(File secureDir,
File untrustedPath)
Checks if using
untrustedPath would result in path traversal. |
static boolean |
isPathInSecureDir(String secureDir,
String untrustedPath)
Checks if using
untrustedPath would result in path traversal. |
static String |
joinPaths(String... paths) |
public static void ensurePathInSecureDir(String secureDir, String untrustedPath) throws PathTraversalException, IOException
untrustedPath would result in path traversal. We consider that a path traversal
occurs if the file or directory referred to in untrustedPath is not contained in
secureDir. This method uses the technique described in IDS02-J
in the CERT Secure Coding Standard.
Note that secureDir is assumed to be secure, so this parameter must never contain
user-supplied input.
secureDir - a String containing the path to a "secure" base directoryuntrustedPath - a String containing a path that was built using user-supplied input (relative or absolute)PathTraversalException - if untrustedPath is not below secureDirIOException - if there is an I/O problem calling java.io.File.getCanonicalPath()public static boolean isPathInSecureDir(String secureDir, String untrustedPath) throws IOException
untrustedPath would result in path traversal. We consider that a path traversal
occurs if the file or directory referred to in untrustedPath is not contained in
secureDir. This method uses the technique described in IDS02-J
in the CERT Secure Coding Standard.
Note that secureDir is assumed to be secure, so this parameter must never contain
user-supplied input.
secureDir - a String containing the path to a "secure" base directoryuntrustedPath - a String containing a path that was built using user-supplied input (relative or absolute)untrustedPath in secureDirIOException - if there is an I/O problem calling java.io.File.getCanonicalPath()public static boolean isPathInSecureDir(File secureDir, File untrustedPath) throws IOException
untrustedPath would result in path traversal. We consider that a path traversal
occurs if the file or directory referred to in untrustedPath is not contained in
secureDir. This method uses the technique described in IDS02-J
in the CERT Secure Coding Standard.
Note that secureDir is assumed to be secure, so this parameter must never contain
user-supplied input.
secureDir - a File representing the path to a "secure" base directoryuntrustedPath - a File representing a path that was built using user-supplied input (relative or absolute)untrustedPath in secureDirIOException - if there is an I/O problem calling java.io.File.getCanonicalPath()public static boolean isChildPath(File parentPath, File childPath) throws IOException
childPath is in fact a child path of the provided parentPath.parentPath - a File representing the path to the parent directorychildPath - a File representing the path to the child directorychildPath is in parentPathIOException - if there is an I/O problem calling java.io.File.getCanonicalPath()Copyright © 2002-2024 Atlassian. All Rights Reserved.