Mercurial > hg > release > icedtea6-1.7

changeset 1926:d133c2298825

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Netx: make path sanitization consistent; use a blacklisting approach. 2010-06-29 Omair Majid <omajid@redhat.com> * netx/net/sourceforge/jnlp/cache/CacheUtil.java (urlToPath): Call FileUtils.sanitizePath. (fixPath): Moved to... * netx/net/sourceforge/jnlp/util/FileUtils.java (sanitizePath): New function. Moved from CacheUtil.java (sanitizeFileName): Use a blacklisting approach rather than a whitelisting approach: should work better with non ascii filenames.
author Omair Majid <omajid@redhat.com>
date Tue, 29 Jun 2010 14:19:38 -0400
parents a8aeb44946cb
children 4bbd10e42fd2
files ChangeLog rt/net/sourceforge/jnlp/cache/CacheUtil.java rt/net/sourceforge/jnlp/util/FileUtils.java
diffstat 3 files changed, 49 insertions(+), 29 deletions(-) [+]
line wrap: on
line diff
--- a/ChangeLog	Fri Jul 09 10:59:53 2010 -0400
+++ b/ChangeLog	Tue Jun 29 14:19:38 2010 -0400
@@ -1,3 +1,13 @@
+2010-06-29 Omair Majid <omajid@redhat.com>
+
+	* netx/net/sourceforge/jnlp/cache/CacheUtil.java
+	(urlToPath): Call FileUtils.sanitizePath.
+	(fixPath): Moved to...
+	* netx/net/sourceforge/jnlp/util/FileUtils.java
+	(sanitizePath): New function. Moved from CacheUtil.java
+	(sanitizeFileName): Use a blacklisting approach rather than a whitelisting
+	approach: should work better with non ascii filenames.
+
 2010-07-09  Deepak Bhole <dbhole@redhat.com>
 
 	* plugin/icedteanp/IcedTeaJavaRequestProcessor.cc: Updated copyright date.
--- a/rt/net/sourceforge/jnlp/cache/CacheUtil.java	Fri Jul 09 10:59:53 2010 -0400
+++ b/rt/net/sourceforge/jnlp/cache/CacheUtil.java	Tue Jun 29 14:19:38 2010 -0400
@@ -26,6 +26,7 @@
 
 import net.sourceforge.jnlp.*;
 import net.sourceforge.jnlp.runtime.*;
+import net.sourceforge.jnlp.util.FileUtils;
 
 /**
  * Provides static methods to interact with the cache, download
@@ -300,23 +301,9 @@
         path.append(File.separatorChar);
         path.append(location.getPath().replace('/', File.separatorChar));
 
-        return new File(JNLPRuntime.getBaseDir(), fixPath(path.toString()));
+        return new File(JNLPRuntime.getBaseDir(), FileUtils.sanitizePath(path.toString()));
     }
 
-    /**
-     * Clean up a string by removing characters that can't appear in
-     * a local file name.
-     */
-    private static String fixPath(String path) {
-        char badChars[] = { '\\', '/', ':', '*', '?', '"', '<', '>', '|' };
-
-        for (int i=0; i < badChars.length; i++)
-            if (badChars[i] != File.separatorChar)
-                if (-1 != path.indexOf(badChars[i]))
-                    path = path.replace(badChars[i], 'X');
-
-        return path;
-    }
 
     /**
      * Waits until the resources are downloaded, while showing a
--- a/rt/net/sourceforge/jnlp/util/FileUtils.java	Fri Jul 09 10:59:53 2010 -0400
+++ b/rt/net/sourceforge/jnlp/util/FileUtils.java	Tue Jun 29 14:19:38 2010 -0400
@@ -14,35 +14,58 @@
 // License along with this library; if not, write to the Free Software
 // Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 
-
 package net.sourceforge.jnlp.util;
 
+import java.io.File;
+
 /**
- * This class contains a few file-related utility functions. 
+ * This class contains a few file-related utility functions.
  * 
  * @author Omair Majid
  */
 
-public class FileUtils {
+public final class FileUtils {
+
+    /**
+     * list of characters not allowed in filenames
+     */
+    private static final char INVALID_CHARS[] = { '\\', '/', ':', '*', '?', '"', '<', '>', '|' };
+
+    private static final char SANITIZED_CHAR = '_';
 
-    
+    /**
+     * Clean up a string by removing characters that can't appear in a local
+     * file name.
+     *
+     * @param path
+     *        the path to sanitize
+     * @return a sanitized version of the input which is suitable for using as a
+     *         file path
+     */
+    public static String sanitizePath(String path) {
+
+        for (int i = 0; i < INVALID_CHARS.length; i++)
+            if (INVALID_CHARS[i] != File.separatorChar)
+                if (-1 != path.indexOf(INVALID_CHARS[i]))
+                    path = path.replace(INVALID_CHARS[i], SANITIZED_CHAR);
+
+        return path;
+    }
+
     /**
      * Given an input, return a sanitized form of the input suitable for use as
      * a file/directory name
-     * 
+     *
      * @param input
      * @return a sanitized version of the input
      */
-    public static String sanitizeFileName(String input) {
+    public static String sanitizeFileName(String filename) {
 
-        /*
-         * FIXME
-         * 
-         * Assuming safe characters are 'a-z','A-Z','0-9', '_', '.'
-         */
+        for (int i = 0; i < INVALID_CHARS.length; i++)
+            if (-1 != filename.indexOf(INVALID_CHARS[i]))
+                filename = filename.replace(INVALID_CHARS[i], SANITIZED_CHAR);
 
-        String sanitizedName = input.replaceAll("[^a-zA-Z0-9.]", "_");
-        return sanitizedName;
+        return filename;
     }
-    
+
 }