Fixing a Path Manipulation error on a file name

Time: 2015-05-07 11:39:44

Tags: java owasp fortify fortify-source

I have a piece of code where I have to read the contents of a file.

I am getting a Path Manipulation error.

Please find the code below:

import java.io.File;
import java.io.FileOutputStream;

// zis (a ZipInputStream), ze, buffer, size and _destination are declared earlier in the method
while ((ze = zis.getNextEntry()) != null) {
    String fileName = ze.getName();
    // Canonicalize the entry name, then check it against the ESAPI "upload" file-name rule
    String esapiFileName = ESAPI.encoder().canonicalize(fileName);
    boolean esapiValidFileName = ESAPI.validator().isValidFileName("upload", esapiFileName, false);
    String _completefileNamePath = null;
    if (esapiValidFileName) {
      _completefileNamePath = _destination + esapiFileName;
      // The line below is flagged with the Path Manipulation error
      FileOutputStream fos = new FileOutputStream(new File(_completefileNamePath).getCanonicalFile());
      // Path Manipulation error ends
      while ((size = zis.read(buffer, 0, buffer.length)) != -1) {
        fos.write(buffer, 0, size);
      }// while
      fos.flush();
      fos.close();
      zis.closeEntry();
    }
}

1 answer:

Answer 0: (score: 1)

Is your path relative or absolute?

Also, you don't actually need to get the canonical file before opening the FileOutputStream:

FileOutputStream fos = new FileOutputStream(_completefileNamePath);

FileOutputStream fos = new FileOutputStream(new File(_completefileNamePath));

import java.nio.file.Files;
import java.nio.file.Paths;

while ((ze = zis.getNextEntry()) != null) {
    String fileName = ze.getName();
    String esapiFileName = ESAPI.encoder().canonicalize(fileName);
    boolean esapiValidFileName = ESAPI.validator().isValidFileName("upload", esapiFileName, false);
    String _completefileNamePath = null;
    if (esapiValidFileName) {
        _completefileNamePath = _destination + esapiFileName;
        // optional: Files.createDirectories(Paths.get(_completefileNamePath).getParent());
        Files.copy(zis, Paths.get(_completefileNamePath));
        zis.closeEntry();
    }
}