Package de.hybris.platform.acceleratorservices.util

Class PathTraversalResourceUtils

  • public final class PathTraversalResourceUtils
extends java.lang.Object
    Utility class verify the path for security purposes.

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void assertPathSegmentIsSecure​(java.lang.String pathSegment)
      Asserts that a given String represents a single path segment that can securely be used to access a file-system or classpath resource.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • assertPathSegmentIsSecure

        public static void assertPathSegmentIsSecure​(java.lang.String pathSegment)
        Asserts that a given String represents a single path segment that can securely be used to access a file-system or classpath resource.

        This assertion is performed in a platform independent but very conservative manner. In particular, the following conditions must be met:
        * The pathSegment must not contain sequence of two periods followed by a forward slash or back slash. (These represent the parent directory respectively on many file-systems.) In the form ../ or ..\

        Parameters:
        pathSegment - the path segment to check
        Throws:
        PathTraversalException - if the pathSegment is not considered secure.