我正在尝试使用 ESAPI 提供的 jar (esapi-2.0_rc11) 中 DefaultValidator 类的 getValidFileName (String, String, list, boolean) 方法来验证文件名。但是在运行时得到没有这样的方法异常。
这是我的代码:
public static String getValidFileName(String input,String[] strFileExtns, Boolean isNullable) throws Exception
{
List <String> fileExtnsList = new ArrayList <String>();
if (strFileExtns != null && strFileExtns.length > 0)
for(int i=0; i<strFileExtns.length; i++)
fileExtnsList.add(strFileExtns[i]);
return new DefaultValidator().getValidFileName("FileNameValidation", input, fileExtnsList, isNullable);
}
我正进入(状态
java.lang.NoSuchMethodError:org/owasp/esapi/reference/DefaultValidator.getValidFileName(Ljava/lang/String;Ljava/lang/String;Ljava/util/List;Z)Ljava/lang/String;
jar中的代码:
public String getValidFileName(String context, String input, List<String> allowedExtensions, boolean allowNull)
throws ValidationException, IntrusionException
{
if ((allowedExtensions == null) || (allowedExtensions.isEmpty())) {
throw new ValidationException("Internal Error", "getValidFileName called with an empty or null list of allowed Extensions, therefore no files can be uploaded");
}
String canonical = "";
try
{
if (isEmpty(input)) {
if (allowNull) return null;
throw new ValidationException(context + ": Input file name required", "Input required: context=" + context + ", input=" + input, context);
}
canonical = new File(input).getCanonicalFile().getName();
getValidInput(context, input, "FileName", 255, true);
File f = new File(canonical);
String c = f.getCanonicalPath();
String cpath = c.substring(c.lastIndexOf(File.separator) + 1);
if (!(input.equals(cpath)))
throw new ValidationException(context + ": Invalid file name", "Invalid directory name does not match the canonical path: context=" + context + ", input=" + input + ", canonical=" + canonical, context);
}
catch (IOException e)
{
throw new ValidationException(context + ": Invalid file name", "Invalid file name does not exist: context=" + context + ", canonical=" + canonical, e, context);
}
Iterator i = allowedExtensions.iterator();
while (i.hasNext()) {
String ext = (String)i.next();
if (input.toLowerCase().endsWith(ext.toLowerCase()))
return canonical;
}
throw new ValidationException(context + ": Invalid file name does not have valid extension ( " + allowedExtensions + ")", "Invalid file name does not have valid extension ( " + allowedExtensions + "): context=" + context + ", input=" + input, context);
}
有人请帮我解决这个问题。