Class SecurePathUtils


  • public final class SecurePathUtils
    extends java.lang.Object
    • Method Summary

      Modifier and Type Method Description
      static java.nio.file.Path resolvePath(java.nio.file.Path baseDirPath, java.lang.String first, java.lang.String... more)
      Resolves an untrusted user-specified path against the API's base directory.
      static java.nio.file.Path resolvePath(java.nio.file.Path baseDirPath, java.nio.file.Path userPath)
      Resolves an untrusted user-specified path against the API's base directory.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • resolvePath

        public static java.nio.file.Path resolvePath(java.nio.file.Path baseDirPath,
                                                     java.nio.file.Path userPath)
        Resolves an untrusted user-specified path against the API's base directory. Paths that try to escape the base directory are rejected.

        Credit to: https://stackoverflow.com/questions/33083397/filtering-upwards-path-traversal-in-java-or-scala

        Parameters:
        baseDirPath - the absolute path of the base directory that all user-specified paths should be within
        userPath - the untrusted path provided by the API user, expected to be relative to baseDirPath
        Returns:
        the resolved path
        Throws:
        java.lang.IllegalArgumentException - if baseDirPath is not absolute, userPath is absolute, or if userPath tries to escape baseDirPath
      • resolvePath

        public static java.nio.file.Path resolvePath(java.nio.file.Path baseDirPath,
                                                     java.lang.String first,
                                                     java.lang.String... more)
        Resolves an untrusted user-specified path against the API's base directory. Paths that try to escape the base directory are rejected. The userPath is built from the parts given by the first, ..., more arguments using the baseDirPath's FileSystem.
        Parameters:
        baseDirPath - the absolute path of the base directory that all user-specified paths should be within
        first - the path string or initial part of the path string
        more - additional strings to be joined to form the path string
        Returns:
        the resolved path
        Throws:
        java.lang.IllegalArgumentException - if baseDirPath is not absolute, or if the first, ..., more path parts form a userPath that is absolute or tries to escape baseDirPath
        See Also:
        resolvePath(Path, Path), FileSystem.getPath(String, String...)
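
One way to implement the contract documented above (absolute base, relative user path, escape attempts rejected with IllegalArgumentException), as an added example that is not the library's own source. The class name PathGuardExample, the method name resolveWithin, the base directory and the sample inputs are all assumptions made for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;

// Added illustration; class and method names are hypothetical, not the library's source.
public final class PathGuardExample {

    static Path resolveWithin(Path baseDirPath, Path userPath) {
        if (!baseDirPath.isAbsolute()) {
            throw new IllegalArgumentException("base path must be absolute");
        }
        if (userPath.isAbsolute()) {
            throw new IllegalArgumentException("user path must be relative");
        }
        // Lexical check only: normalize() collapses "." and ".." without touching
        // the file system, so symbolic links under the base are not followed here.
        // Callers that must account for links can compare toRealPath() results.
        Path base = baseDirPath.normalize();
        Path resolved = base.resolve(userPath).normalize();
        // Path.startsWith compares whole name elements, so "/srv/data-old"
        // does not count as being inside "/srv/data".
        if (!resolved.startsWith(base)) {
            throw new IllegalArgumentException("user path escapes the base directory");
        }
        return resolved;
    }

    public static void main(String[] args) {
        Path base = Paths.get("/srv/data").toAbsolutePath(); // constructed sample base
        String[] samples = {                                  // constructed sample inputs
            "reports/2024.csv",
            "reports/../index.txt",
            "../data-old/secret.txt",
            "a/../../../etc/passwd",
            "/etc/passwd"
        };
        for (String s : samples) {
            try {
                // Build the user path on the base directory's own FileSystem.
                Path user = base.getFileSystem().getPath(s);
                System.out.println("OK       " + s + " -> " + resolveWithin(base, user));
            } catch (IllegalArgumentException e) {
                System.out.println("REJECTED " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```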